With many of the COVID-19-related restrictions easing up around the country, returning to the office will come with its own set of security-related challenges. In addition to using DrawbridgeConnect, the items below should be considered as you plan to return the firm to business as usual:
- Machines that have been off for a prolonged period will be missing patches. Vulnerability management is key in returning to the office.
- Access rights should be reviewed, as many firms made changes to permissions to accommodate a remote workflow.
- Clear Desk Policy – Verify that any sensitive documents that may not have been properly secured before the lockdown are still there, and ensure that going forward those documents are properly secured.
- Verify that server patching has been taking place. Leverage DrawbridgeConnect-R to understand and remediate the vulnerabilities within your network.
- Confirm that your UPS units are still operating properly in case the building had a power down at some point.
- Verify that the latest firmware has been pushed out to any desk phones.
- Check the log of who (if anyone) has accessed the IT room, especially if it’s in a shared work environment.
- Make sure any devices that haven’t been connected to the Firm’s VPN are brought into the office to receive the proper software updates.
- Update asset inventories with any last-minute purchases for home working.
- Complete a risk assessment for any new remote working tools introduced into the environment.
- Ensure any changes to data flow within the business could not have resulted in loss of data or left data located on insecure devices (a clean-up at “home”, both technical and physical)
Many technical implementations were put on hold due to the pandemic, even with a strong cybersecurity program. Now is the time to move forward with those security controls that weren’t put in place previously. It’s a good idea to have a renewed focus on remote access security to prepare for the future.