When talking about cybersecurity, it’s common to talk about the issues the impact the confidentiality and integrity of data systems that we rely on to conduct business on a daily basis. However, another critical area is availability of our information systems.
Typically, this is discussed in terms of recovering from a physical disaster, such as a hurricane or earthquake, where facilities or systems are no longer available. However, in light of the COVID-19 outbreak, you may need to start thinking about availability when it may not be safe to work in the same physical location.
Reports are coming in daily about the impacts of COVID-19 on supply chains and businesses across the globe. Recently, tech giants Indeed.com, Microsoft and Amazon have all asked their employees to work remotely for the next 30 days to prevent spreading the virus.
The first area of risk associated with COVID-19 is that of cyber attackers using the current atmosphere of concern to leverage cyber attacks against your organization and users. We recommend reminding your employees of how you would communicate about the virus, and that they should be mindful of emails, text messages and other online communications being directed at them designed to leverage their desire for additional information about the outbreak.
- It’s a good idea to make sure you are clear on how and who from your organization would communicate to the work force about any changes that might impact your company due to the pandemic.
- You should also communicate who employees can contact if they receive suspicious communications.
Additionally, seek-out and identify your county health officials and monitor both local and Federal information sources such as the Centers for Disease Control (CDC). Outside of the recommendations from the CDC on methods of protecting yourself from the virus, we also recommend preparing for the potential need to have your employees work remotely for an extended period of time.
Distribute a survey for your employees to complete to identify what equipment and Internet connectivity is available for a long-term work from home situation.
When establishing a long-term working from home solution consider the following:
- What is the available Internet bandwidth at your employees’ homes? Utilize a tool like speedtest.net for your employees to ensure they have enough speed to run your key programs. For example, EllieMae recommends at least 1.5 mbps for accessing their Encompass platform.
- If you use VPN have your employees validate that they can login remotely and that multi-factor authentication is functional.
- How will employees use your corporate phone platform? Will you have them forward calls to a personal number or can you utilize a softphone?
- Review your inventory of employees who already have a corporate laptop. Consider staff that might need another system to work from home with and how to loan them out as needed.
- Consider the use of Desktop as a Service (DaaS) solutions to enable employees who need to leverage personal computers.
- How you will handle employees that need multiple monitors to effectively do their job? You will also want to consider what cables, connectors, etc. they will need at home.
While the issues related to COVID-19 continue to evolve, being prepared for business disruption is the best way to ensure your company and your employees are safe and secure. COVID-19 is certainly not the last incident that could cause you to require extended work from home options, so building a plan now will help you better accommodate emergencies in the future and may help keep your employees and customer data safe. Contact us to get assistance assessing your cybersecurity needs.