EXPERT
OPINION
USBs and NAS: Another practice
employees may have adopted while
working from home is the use of USB
thumb drives and network storage
devices. Personal storage devices
should be prohibited in the corporate
environment and not allowed to connect
to company computers and networks.
Do enforce device control to block
unauthorised USB and other
peripheral devices.
Inventory: As many employees took
equipment home, it is necessary
to register and keep an up-to-date
inventory of this equipment and its
whereabouts. In the first instance, this
makes sense to avoid wasting resources:
ensure employees return cables and
screens that they have borrowed from
the workplace. It is possible that some
staff took an extra laptop home and that
the device is now stranded somewhere,
perhaps even connected to the home
network and exposed to the world.
Keeping insecure software off
your network
Even if the devices used at home were
company-issued, they can still be a
threat if they are not installed with
updated software and security systems.
Updated OS and software: Unpatched
and outdated operating systems can
facilitate data breaches. Some employees
may have ignored the update prompt
or rescheduled these indefinitely. In
addition, some computers and servers
left on-premise may have been shut down
throughout this period. After restarting
these, it is important to install all available
software patches and updates.
Do make sure that all software is patched
on all devices returning to the office as
soon as practically possible.
Updated and Active EDR: An updated
EDR solution was vital to securing the
laptop at home, and it is of course
crucial in securing all devices in the
While unknown
connected devices
always pose a
security risk, the
return to the office
represents an even
bigger risk.
work environment. It is not unheard of
for some employees to disable security
software in order to perform certain
actions on their devices.
Do ensure that all your endpoints have an
active and up-to-date EDR Solution.
Unregistered software: It is possible
that some employees have installed
software for their own use, perhaps
because they were unable to use
company resources or simply because it
was more convenient than asking for the
approval of the IT department.
Software license inventory: Working
from home may have required certain
software licenses that are no longer
needed when working at the office. For
any software that employees no longer
need access to, it’s sensible to cancel
these licenses to reduce costs.
Preparing processes
and procedures
In addition to inspecting devices and
ensuring proper software is installed,
certain processes and procedures
must be implemented in order to
facilitate security.
Password reset: It is possible that
employees have shared their laptops and
credentials with their family or friends.
They may have re-used passwords
on new services or devices at home
When returning
to the office,
employees will
haul back all the IT
equipment they have
used at home.
or lapsed into other insecure habits.
Do ensure that all your employees are
aware of company password policy and
enforce compliance.
42 Issue 27 | www.intelligentciso.com