Description
Understand what you should consider to strengthen cybersecurity policies and practices in the age of COVID19.The pandemic has changed working remotely from a forwardthinking perk to a business necessity. This change has dramatically broadened the attack surface upon which businesses must protect against attacks upon their business by hackers. The situation is complicated by both the rushed way this change occurred, denying businesses the opportunity to methodically examine the people, processes, and technology which can safeguard business data. This topic is designed to address the question of what topics a business should consider to sure up cybersecurity policies and practices in the age of COVID19?
Date: 2021-01-14 Start Time: End Time:
Learning Objectives
Introduction
• Approach
• Situation, Complications, Question
• People, Process, Technology
• Speaker Background
Situation, Complications, Question
• Situation • Rise of Remote Workers
• Complications • Increase in Hacking Activity
• Question – How Can We Better Secure Remote Workers?
People
• Deciding Who Should Be Remote
• Training Remote Workers
• Security Policies
• Compromise Risk, e.g. Malware, Phishing, etc.
• Monitoring Remote Workers
• Avoiding the 24/7/365 Issues
• IT Support
Process and Policies
• Personal Use of Provisioned Device/VM
• Bring Your Own Device (BYOD) Policies
• Identification and Authorization (IAM) Policies and Procedures
• Access to External Storage
• USB, NAS
• Use of Cloud Storage, e.g. OneDrive®, Google Drive, iCloud®, etc.
• Data Loss Prevention (DLP) Solutions
• Collaborative Platforms, e.g. Teams, Zoom®, etc.
• Encryption of Data in Transit and at Rest
• Multi-Form Authentication
Technology
• Provisioned Equipment, i.e. a Company Laptop
• Hardened Virtual Machines (VM)
• Virtual Private Networks (VPN)
• Automated (Forced) Security Updates
• Malware Protections, e.g. Norton, Kaspersky Anti-Virus, etc.
• ML Employee Monitoring
Conclusions
• Questions
Patrick T. Cronin, Esq.-Accenture
