business Securing against Data Leakage and Cyber-risk in the Wake of COVID-19 April 24, 2020 Your cyber posture has likely suffered due to the COVID-19 outbreak…so what can you do to make sure your organization stays secure? The COVID-19 pandemic has quickly changed every part of our daily routines, as we look to safeguard our health, the health of others, and also…our cybersecurity. As companies switch to a distributed workforce models, many are having difficulties, as employees are forced to work in new ways, using systems and processes that were not created for a distributed model. So, how are businesses coping? For now, here’s a sneak peek. What is a distributed workforce model? A distributed workforce is one that stretches beyond the typical workforce environment. Gone are the days when everyone at a company is working in the office. Nowadays companies often have office workers, static workers, telecommuters and mobile employees. How has COVID-19 impacted this? Due to the COVID-19 outbreak, most employees are, of course, working remotely. Along the way, decisions were likely made about the best way to work, without taking cybersecurity into account. Your security posture has most likely been weakened due to COVID, and your data is likely on more devices that are not under your control. How can businesses effectively support a new distributed workforce? To support a secure work environment businesses should: “Beef” up (or implement) remote access policiesEncryption of hard drives and removable storage devices (prohibit remote storage if possible)Make sure anti-virus/anti-malware and operating systems are updatedPermit access only on employee devices that are equipped with the employer-provided security software and the latest manufacturer software updates.Ensure secure passwords and passphrases for access and change NOW if not changed within the last 45 daysDisable mobile devices from home WiFi networksHarden home networks of key individuals and high level employeessForce passwords on all devices (even employee personal devices)Require multifactor authentication [MFA] upon each login to a company portal;Only allowing remote access through a virtual private network (VPN) with strong end-to-end encryption;Prohibit staff from working from public places where third parties can view screens and printed documents;Forbid use of public Wi-FiImpose added credential requirements when downloading materials. We hope you’ll join Envision on April 29, 2020 for their webinar, which will feature insights from KLR’s Dan Andrea, Envision’s Todd Knapp, Compass IT’s Jesse Roberts and. Register here. Questions? Contact us.