Remote work may be here to stay, but reports of the demise of the office environment have likely been greatly exaggerated. Many employees will keep working from home even after local governments allow their organizations to reopen, but many will also return to their office, at least part-time.
A few months ago, when organizations suddenly told their employees to work from home, the abrupt shift to a new environment caused confusion, growing pains, and left companies with cybersecurity gaps.
This time around, businesses have time to assess their security protocols and make adjustments. Whether you’re preparing to begin calling employees back on-site next week or next year, here are some tips to ensure a secure return to work.
Make sure remote workers’ devices are being updated
If you haven’t already been doing so, make sure that remote employees using workplace-provided devices are receiving regular software updates. These updates frequently contain important security patches, so companies that ensure that their remote workers’ machines aren’t going unpatched will have fewer security risks when employees return on-site.
Validate devices as they return on-prem
As employees return to the office, plan to quarantine and validate their devices before allowing them to connect to the on-prem network. This applies not only to personal devices in BYOD environments but also machines that companies provided to employees to take home, even if the devices have received regular software updates. Updates reduce the risk of remote workers’ devices being compromised, but they don’t eliminate it.
Refresh employees’ cybersecurity training as they return
On-site best practices are different than what employees have grown used to while working remotely. Additionally, the cyber threat landscape has changed significantly over the past few months. Make sure your employees are updated on the latest threats, such as COVID-19 themed business email compromise (BEC), ransomware, and advanced persistent threats (APT).
Reevaluate cybersecurity policies & protocols
When organizations suddenly had to send staff home to work, many long-standing weaknesses in their security protocols came to light. As you prepare for your office to eventually reopen, you have an opportunity to address these issues. This is a good time to reevaluate role-based access control (RBAC) levels, identity and access management (IAM) protocols, password management, and security, and other security protocols.
Plan for a long-term remote work strategy
Even if your organization plans to recall most or all employees back to the office, their return will happen in phases, perhaps over an extended period of time. Some employees may not be able to return for the foreseeable future due to health concerns or childcare issues. Organizations that were prepared to send employees home to work experienced far fewer operational disruptions than those that had to scramble to get everyone set up.
IT administrators should not see reopening as a time to shelve their remote work security procedures. Instead, reopening is the time to buttress cybersecurity for both on-prem and remote workers.
Keeper secures all of your employees’ passwords
According to Verizon, approximately 80% of successful data breaches are caused by weak or compromised passwords. Unfortunately, even pre-pandemic, many organizations struggled with visibility into their employee password practices. These issues compounded once employees began working remotely, and if they are not addressed, they’ll worsen as companies bring some workers back on-site.
Keeper’s zero-knowledge password management and security platform provides organizations complete visibility into employee password practices, whether employees are working on-site, remotely, or a combination of both. IT administrators can monitor password use across the entire organization and enforce the use of strong, unique passwords, multi-factor authentication (2FA), role-based access control (RBAC), and other security policies.
For enhanced security, organizations can subscribe to valuable add-ons such as Keeper Secure File Storage, which enables employees to securely store and share documents, images, videos, and even digital certificates and SSH keys; and BreachWatch™, which scans Dark Web forums and notifies organizations if any employee passwords have been compromised in a public data breach.
Keeper can be deployed quickly, requires minimal ongoing management, and scales to meet the needs of any size organization.
Not a Keeper customer yet? Sign up for a 14-day free trial now! Want to find out more about how Keeper can help your business prevent security breaches? Reach out to our team today.