Cybersecurity has been a major concern since the rush to get employees set up to work remotely at the beginning of the pandemic. The staggered return to offices is now creating additional cybersecurity risks, but also an opportunity for CIOs and IT teams to take a more methodical and comprehensive approach.
We have compiled some cybersecurity guidelines we see as crucial for every business starting to return employees to their offices:
Update office machines. Update desktops, printers and other network devices that may have been sitting idle at the office with the latest security patches. Equipment that was not taken home by employees likely has not been scanned, updated or patched in over a year.
Use a phased approach. Set up rolling dates for employees to bring in their devices so your IT team can check for updates and potential threats and educate them on any new policies and procedures without being overwhelmed.
Take inventory of all devices. In many cases equipment such as wireless keyboards, extra monitors, web cams, and secure routers may not have been properly inventoried in the rush to set employees up at home.
Check for unauthorized software. Scan all company computers and devices for unauthorized apps and software. When employees began working remotely, many had to figure out workarounds on the fly, which sometimes meant adding apps or programs. This software must be validated by your IT team or removed before the device accesses corporate networks in order to ensure network security.
Run endpoint detection scans. Any devices that were not protected by corporate cybersecurity software during remote working time need to be scanned. Endpoint devices are a frequent target of cybercriminals so it is critical for IT teams conduct endpoint scans of all devices before they are brought back onto the corporate network.
Require password changes. Mandate that all employees and third-party suppliers to change passwords for devices and access to company networks to mitigate risk from any phishing scams your employees may have encountered.
Ban personal devices. Transfer all data from personal devices to company managed devices to prevent any malware from gaining access to your corporate networks.
Ban USB/Personal storage devices. The security of USBs and other personal storage devices is questionable, so using them on company machines should not be allowed. All files should be transferred to a company computer and scanned for malware.
The road back to work with a sound cybersecurity program may be complicated, but RAVENii is here to help you create a map for success. For more information about cybersecurity concerns and how RAVENii can help, click here or call (844)-317-0944.