Cybersecurity Post COVID-19: How to Ensure Safe Return to Work?
By Neelesh Kripalani
The COVID-19 pandemic has created many challenges for businesses across the globe. At first, it was employees working from home and the cyber risks arising from the same. But now as we adapt to the ‘new normal’, many people are looking to make the transition back to office and there are new set of challenges to ensure safe return to work. The relaxation of stay-at-home orders and work restrictions are going to result in additional cybersecurity concerns which arise from the rapid reintegration of remote workers.
As there was a sudden switch to remote working style, there is an increased reliance on personal devices (such as personal computers, USB drives and other peripheral devices) for office related work. If any of these personal devices are compromised due to lack of security measures, then they can pose a serious threat to an organization’s infrastructure as soon as they are connected to the internal network.
These risks are likely to impact all the organizations irrespective of their size unless the necessary steps are taken. In this article, we’ll discuss a fewsteps that you might want to consider to improve cybersecurity as employees return to the workplace…
- Scan all returning devices for vulnerabilities before they are connected to office network to avoid the spread of digital germs (if any).
- Use a phased approach for employees’ return instead of calling them all at onceand putting unnecessary stress on the internal IT team. It can lead to errors while they perform clean-up/patching of devices.
- Conduct awareness training before employees get back into action. Employees were used to certain routine in order to ensure cybersecurity. However, the work from home may have changed those habits. Educate employees on cybersecurity so that they get attuned to the safe and secure practices required at the workplace.
- Re-define cybersecurity policies in order to safeguard against modern threats. The hackers use modern techniques to launch attacks and thus, it is imperative for cybersecurity teams to constantly update the policies to cover modern threats.
- Make frequent security assessments and monitoring. Many organisations are adapting to the new normal of allowing employees to work from home and return to the workplace whenever required. Thus, it is important to make frequent security assessments and not make it a one-time activity.
- Adapt a ‘Zero Trust’ model’– As the no. of endpoints in use are on the rise, it is increasingly difficult to define a security perimeter. Thus, the best approach to reduce the risk is to adapt a zero-trust model which follows the principle that until proven otherwise, any attempt to gain access to the network is considered a potential attack. The model benefits from applying traditional perimeter security measures and additional levels of security within the network, and not just security around the perimeter of the network.
The new work-from-home world has poked countless holes in security perimeters. In the new normal, organizations and especially CISOs need to remain vigilant to various forms of risks and vulnerabilities that may appear once employees start returning to workplace. Some office-bound reflexes may have relaxed while working from home which can provide an opportunity to hackers to breach into the organization’s network. Thus, while the health of your employees must be the top priority while planning the return to work, you must also give due importance to the cybersecurity aspect to safeguard the organization’s systems and data.
(The author is senior Vice President & Head- Center of Excellence – Clover Infotech and the views expressed in the article are his own)