With the end of COVID quarantines in sight, many businesses are preparing to have their employees return to the office. But things have changed: some employees will work from the office, while others will choose to stay working from home, and still others will only work in the office part-time in a hybrid work arrangement. In fact, Forrester predicted that the number of employees working remotely will increase by 300% over pre-pandemic levels.
More employees working from home means that home networks and mobile devices have become a permanent part of the corporate network. Additionally, other members of the employee’s household now have access to this extended corporate network, and these family members might not be aware of how to avoid security risks such as downloading malware or responding to phishing attacks.
At the start of the pandemic, only 50% of Small Business Owners had updated their remote work guidelines, and only 4% of those employed cybersecurity best practices recommended by the SBA. Companies should take the time now to perform a self-audit and revisit their handling of their remote workforce and security practices, including revising the security training for employees to teach them how to secure their home networks and protecting the company’s sensitive data and network access.
Employers can also take actions right away to protect themselves, such as:
- Leverage existing tools to identify and mitigate increased online threat
- Utilize multi-factor authentication (MFA) for the for all services
- Configure VPN access to the company network
To develop and execute a return-to-work strategy needs a plan with the right resources to execute it. This requires executive support to ensure the plan is implemented companywide. Make sure to address specific policies in the plan, including how often passwords are changed and their complexity, incident handling, network, and infrastructure.
Companies should be asking themselves:
- What did we do that worked and we should continue to keep doing?
- What did we do that didn’t work and we should stop doing?
- What are things we didn’t do but we should start doing?
In addition to security concerns, businesses should be aware of the impact on the employees that the hybrid work environment will mean going forward. Just as the pandemic affected the work environment at the beginning, the return to the office will cause similar disruption with a “new normal”. Employees working from home have established new routines with their families as caregivers for elderly parents, babysitters for their young children, and education facilitators to their school-age children taking online classes. Employers need to exercise understanding as they once again ask their employees to adjust to new disruptions to their daily routines and supporting them on their return to the office.
To help your company adjust to the security challenges of returning to the office, watch Fastpath’s on-demand webinar, Managing the Hybrid Work Environment Post-COVID, presented by Frank Vukovits, Director of Strategic Partnerships, and Alex Meyer, Director of Dynamics AX/365 FO Development. This webinar covers:
- Where you should be focusing your security efforts
- Building a security plan for the return to the office
- Putting the elements in place: people, processes, and technology
- Steps your company can take now to make the transition go smoothly.
Below are suggested resources to help companies secure their hybrid work environment:
- Securing a new world of hybrid work: What to know and what to do - Microsoft Security
- Top 12 Tasks for Security Teams – Microsoft
- Making it easier for your remote workforce to securely access all the apps they need, from anywhere – Microsoft
- Secure remote access to on-premises apps - Microsoft
- Microsoft Security Score
- Azure Security Documentation
- Infrastructure Security
- Azure Network Security Overview
- Azure Database Security Overview
- Microsoft Dynamics 365 Trust Center
- Microsoft’s Cyber Defense Operations Center Shares Best Practices
- Office 365 Security and Compliance
- Azure Shared Responsibilities for Cloud Computing
- Security & Agility for a Remote Work Environment – BKD
- Maintaining Good Cybersecurity – Moser Consulting
- Protect Your Health (And Your Data): 6 Tips for Remote Working as COVID-19 Spreads- Ice Miller
- CIS Controls Telework and Small Office Network Security Guide
- Top 5 Steps to Securely Work From Home
- Online Security Tips for Working From Home
- Security Tips for Working From Home (WFH)
- Top Tips for Working More Securely From Home
- 12 Security Tips for the ‘Work From Home’ Enterprise
- National Cybersecurity Communications Integration Center – Build Security In
- Verizon 2021 Data Breach Investigations Report
- Cisco 2020 Cybersecurity Report
- Department of Justice Cyber Crime Press Releases
- NIST Cybersecurity Risk Management Framework
- SANS State of Cyber Threat Intelligence Survey
- National Cyber Security Awareness Month