Keeping a Peaceful Home Office The 4 Essential Cybersecurity - - PowerPoint PPT Presentation

Keeping a Peaceful Home Office

The 4 Essential Cybersecurity Measures for Remote Work

We’re all a bit exhausted.

You might be uncertain about:

• How employees are using their time while working from home
• How overall productivity will be affected
• If more remote work means less social connection and a weaker culture
• If your staff trusts that you have things under control
• The security of your organization’s files and confidential information

Today’s focus: The security of your organization’s files and confidential information

Just as working from home isn’t just a temporary solution, cybersecurity is not just an issue now.

Agenda

• 1. The best ways to secure every employee’s workspace
• 2. How you should teach your teams to identify real security risks
• 3. What the Zero Trust Principle is, and if it’s the right approach for

your organization

• 4. What a detailed & responsible WFH policy looks like

**Stay until the end for an exclusive WFH resource!

Glenn Mudryk CEO

Speakers

Robert Craig IT Director

7

0.

The Fundamentals of WFH

What you need to know before we dive in.

Scenario A

Your remote workers use corporate laptops that are managed by your organization.

Scenario B

Your remote workers use their own machines.

Endpoint security measures often include anti- virus, application control, URL filtering, and other barriers to prevent hacking.

Data leakage is harder to manage. Data can leak if an employee sends emails to the wrong people

• r engages in risky behaviour.

1.

Securing every workspace

How to treat home offices like the real office

STEP 1) Set up remote access

Authorizing your employees to access their office computer and network from a geographical distance.

STEP 2) Keep worlds separate

Authorizing your employees to access their office computer and network from a geographical distance.

Using personal devices for work creates problems around document preservation and adds increased risk.

If you use remote access, your IT team should be:

• Installing regular updates
• Running antivirus scans
• Blocking malicious sites
• Transparent about their security measures

Work data is for work devices.

Home data is for home devices.

2.

Learn & teach security risks

Know your cybersecurity. Pass it on.

STEP 1) Know the risks

Identify and avoid phishing emails and websites.

Avoid the use of personal email, file sharing or communication services, and always use business accounts.

Avoid saving passwords, work-related emails or documents to personal email accounts, cloud databases and devices.

Don’t leave devices and paper documents in vehicles, even for a short time, and even if the vehicle is locked.

Don’t send sensitive information over email. Implement a secure means to sending specific types of sensitive information.

Don’t use unsecured or public Wi-Fi while working.

Be conscious of clicking links and downloading files, particularly from unsolicited and suspicious emails.

Lock computers and paper documents when away from the desk, even if the home seems secure.

Verify the security of electronic devices by updating software frequently, ideally with automatic updates.

Only use work-approved software systems and communication platforms.

STEP 2) Add WFH to your cybersecurity training

Your cybersecurity workshop should:

• Clearly communicate the potential impact of a cyber incident on your

business

• Train your employees to recognize and respond to a cyber attack
• Issue specific rules for email, internet browsing, social networks and

mobile devices

• Plan for follow-up cybersecurity sessions (like lunch & learns or even an
• nline forum)

Update your cyber-incident response plan.

Data breaches can lead to lawsuits and fines, productivity loss, and serious reputational damage.

STEP 2) Provide a take-home cybersecurity guide*

*Available after the presentation!

3.

The Zero-Trust Principle

And what it means for your business

In today’s world, the remote worker needs to be able to do everything they can do from their desk if you want your organization to remain productive and competitive …. … But allowing employees to access critical business systems and data from machines and networks you don’t manage or trust means the risk grows exponentially.

— Alex Willis

Blackberry Vice President of Sales Engineering

The Zero-Trust Principle

Organizations should not automatically trust anything inside or outside its perimeters, and instead must verify anything and everything trying to connect to its systems before granting access.

Some Zero-Trust measures

• Multi-factor authentication
• Encryption
• Identity Access Management
• Analytics

Zero Trust is a transformation of infrastructure.

4.

How to Create a WFH Policy

For a remote work-friendly future

What is a Work-From-Home Policy (or Telecommuting Policy)?

i) Questions to determine if telecommuting is appropriate

ii) A procedure for requesting to work from home or remotely

iii) Employment terms (in case working from home would have any effect on compensation or benefits)

To determine if it’s appropriate to allow an employee to work from home, the policy should consider…

• What are acceptable reasons for telecommuting?
• Is the employee eligible for regular telecommuting, by

nature of their job?

• Does the employee have the necessary equipment or

software installed at home?

• Will collaboration with the employee’s team suffer

greatly?

We know that remote work is a big adjustment for many people.

How we can help

1) Protecting your mission-critical business data in secure cloud storage

How we can help

2) Securing your endpoints with Zero-Trust measures

How we can help

2) Monitoring your network to prevent

• utages (at the office and at home)

Summary: The Four FIVE Essential Measures

• 1. Secure every employee’s workspace
• 2. Learn and teach cybersecurity risks
• 3. Apply the Zero-Trust approach for digital transformation
• 4. Create & enforce a WFH policy

The 5th and most important:

• 5. Ask for professional help when you need it.

Q&A

Thanks for coming.