As the pandemic eases offices are reopening. While we can relax or discontinue rules on masks and social distancing, we cannot ignore the need to stay vigilant on cybersecurity.
Whether or not all employees return there are actions there are actions that need to be taken. This list is taken from a post by Viral Trivedi on the Ampcus Cyber website (https://www.ampcuscyber.com/blogs/key-cybersecurity-considerations-as-employees-return-to-the-office/).
- Office equipment provided to employees working from home may have been compromised. It should be quarantined and checked before re-connecting to the company network.
- Personal devices should not be brought into the office. If this is not practical, use endpoint detection and response with them.
- If systems were taken offline, assume they are not secure until IT assesses them.
- Be sure employees who have left are out of the company network.
- Inventory all IT assets.
- Review cybersecurity procedures with returning employees.
- Make sure all borrowed equipment is returned.
- Review the remote access policy.
- Conduct a security review; if any policies were relaxed, restore them.
- Update your business continuity plan. The coronavirus pandemic may be subsiding, but the ransomware epidemic continues to grow.