National Cybersecurity Awareness Month (NCSAM) is an initiative created to raise awareness in the U.S. around the importance of cybersecurity. Founded by the National Cyber Security Division within the Department of Homeland Security and the nonprofit National Cyber Security Alliance, NCSAM takes place each October in efforts to ensure all Americans have knowledge of the resources and tools they need to be safer and more secure online.

During Shelter In Place

When the pandemic first occurred in the U.S. in the Spring of 2020, folks quickly converted from the work office to the home office to lower the curve of infection.  The critical importance of a VPN or Virtual Private Network as a secure method when connecting to your company network could not be stressed enough.

“If You Connect It, Protect It.”

The effort is to emphasize that all personal devices connected to the internet are potentially vulnerable to attacks. As the popularity of BYOD and the IoT continue to grow, it’s imperative that organizations have a comprehensive, secure program in place that maximizes both user productivity and satisfaction while cutting costs and facilitating business continuity securely.

Now, many companies are transitioning back in a return to work as the crisis starts to subside somewhat.

Important considerations when bringing employees back to work

  • Ensure that all devices prior to being placed back on the network are thoroughly scanned for malware; we would even recommend using two different malware detection applications just on the off-chance that something is missed with the first.  Afterall, in many situations, these devices may have been out of the purview of the organization’s normal IT controls and in less secure home environments.
  • Evaluating the returning devices to identify whether any of the corporation’s data is saved locally and ensuring that data is migrated to the network.  Again, subjected to lax controls, individuals may have downloaded data from the organization’s network and placed it locally to work on it, but didn’t move it back to the network.  Now’s the time to do that.
  • Inquire about other devices that may have been in use during their Work From Home stint and make sure any data on those gets re-integrated into the organization’s environment.
  • Re-educate your employees to watch out for opportunistic phishing expeditions taking advantage of the Return to Work transition.  For example, employees might receive e-mails welcoming them back and introducing so-called “new” procedures that include requests for things like entering their credentials or verifying challenge-response questions — with those answers going to the attacker.
  • Figure out the “new norm” — it is unlikely that all employees will be coming back all at the same time.  Further, your organization may choose to allow a much greater Work From Home option long-term.  Many of the processes that you’ve adopted will likely work in this hybrid environment, but make sure that controls that were put in place to accommodate an entire staff working from home can also accommodate workers that have returned and still protect the organization from those that choose to continue to work from home.

Need assistance? Contact Vestige

If you have any questions or concerns about the most appropriate steps for your organization’s Return to Work, call Vestige today at 800-314-4357.

 

Do Your Part. #BeCyberSmart.