2. Are we offering enough training?
Policies are only as strong as a team’s ability to follow them. Prioritize virtual or remote training to help make sure your employees are prepared to bring policies to life. Webcasts, short videos, and two-way dialogue work well. Using case studies and examples to illustrate any new cybersecurity risks teams may encounter, and the steps to take if they do, can bolster organizational defences.
Case in point: A Canadian financial institution located in Quebec seized the upside of this disrupted environment to develop and deploy new workforce training modules through their web-based security training platform. They’re preparing modules in advance, and deploying them as specific issues pop up. This organization gets it: employees are our first and best line of defence.
3. Where is our infrastructure vulnerable?
If you’re not already using a virtual private network (VPN), or a mobile device management/enterprise mobility management (MDM/EMM) solution, consider one now. VPNs enable your staff to connect to the organization’s network as though they were in the office. That keeps your team off less secure web and device duplicates, while encrypting links between remote employees and internal networks. MDM and EMM solutions help you set global security standards for mobile devices which dials down the risk of data exfiltration. Don’t forget to also focus on the latest patches and updates for applications and operating systems.
Case in point: The quick shift from paper-based, on-site work to a remote environment immediately triggered a similar realization for one leading Canadian law firm. As soon as they shifted to digital data in March, their team was unable to securely access sensitive information, share it safely, or collaborate confidentially. They swiftly moved to get the right infrastructure and tools in place to safely handle sensitive digital information.
4. Is our password game strong?
Seems basic, but something as simple as strengthening current passwords can go a long way to securing remote teams. Talk up the importance of replacing weak passwords with stronger passphrases. If you’re still concerned, consider implementing a multi-factor authentication (MFA) system to make doubly sure cybercriminals can’t get in.
Case in point: When a large mobility manufacturing company’s workforce went remote, they upgraded all password policies to stronger standards. Even so, they soon noticed an increase in malicious log-in attempts as hackers began to capitalise on the current situation last month. Because of their newly implemented use of MFA – and stronger passwords where MFA wasn’t possible – they were able to head trouble off at the pass.