Managing the Cyber Risks of Remote Work
Protecting Remote Work from Cybersecurity Risks – BCG identified seven steps for company to protect themselves from cybersecurity risks while employees work remotely during the COVID-19 crisis
Summary:
- Assess Core IT Infrastructure – Build a comprehensive inventory of devices authorized to company’s network ensure the security of their connections, while configuring firewalls, servers and collaboration platform to accept them
- Secure Applications and Devices for the Remote Workforce – Encrypt all devices accessing the network, continue monitoring connections, establish comprehensive incident response plans, and install remote collaboration security protocols
- Embed Cybersecurity into Business Continuity Plans – Incorporate cybersecurity provisions into business continuity plans, across several dimensions including: guaranteeing emergency remote access, training back up teams and leveraging third party support, putting clear communication plans in place, and adapting plans on current situation
- Make Remote Workforce Aware of Added Security Risks – Train employees to use new tools securely, establish protocols for remote workers to authenticate each other, and create knowledge repository for working remotely
- Establish Protocols and Behaviors to Prepare for Secure Remote Work – Expand and augment current support center, explicitly define proper behavior for remote work, adequately provide for remote meetings and collaboration
- Embed Cybersecurity in Corporate Crisis Management – Update current crisis management plans to incorporate COVID-19 risks and implications, ensure that mission-critical technology and personnel are still functioning, maintain visibility on status of all employees, and provide frequent communications
- Update Access and Security Measures – Ensure that executives and key personnel who have access to vital and sensitive company data are following strict guidelines and being more observant of potential security risks
Company:
Boston Consulting Group (BCG)
Category:
Remote work
Source:
- Managing the Cyber Risks of Remote Work, Mar 2020 (BCG)
Original publication date: March 20, 2020
Date last updated: April 2, 2020