By the Cyber Readiness Institute
In response to the spreading coronavirus, companies around the world are closing their offices and telling people to work from home. Huge companies and small companies. Unfortunately, many small and medium-sized enterprises (SMEs) and their employees are not prepared for a sudden shift to remote work.
These are challenging times for organizations and every individual. In many aspects of their lives, people must change their behavior to adapt to the situation and minimize the disruption. Organizations and people are seeking stability and continuity. Although technology enables many of your employees to work remotely, it also opens the door to new cybersecurity and data protection risks. It is critical for you to lead by quickly establishing and communicating guidelines to your employees for cyber readiness during this pandemic.
This pandemic is causing enormous disruptions in people’s lives – inside and outside of work. Your employees may not have a dedicated space to work. They may have children who are home from school. They may have concerns about the health and safety of loved ones who are isolated. The patterns of how they do their job are being forcibly upended. Be sensitive to the behavior changes they are undergoing.
It is important to communicate to employees that their ability to adapt their behavior is critical to the continuity of your organization. Stress that part of the required behavior change is a new understanding of their role in cyber readiness. People are quickly changing their behavior to keep the virus from spreading by focusing on three things: effective, frequent hand washing, not touching their face and staying six feet away from others. Emphasize that the same approach is needed to be cyber ready when working remotely. Focus on the cyber hygiene essentials: strong passphrases; set-up automatic updates for patching; use a VPN or the cloud for data sharing and avoid using USBs and removable media; be aware of an increase in phishing and pay attention to emails that may prey on your emotion during this time. Finally, social distancing applies to cybersecurity: limit the amount of data you are posting on social media to reduce your threat landscape.
Making a rapid shift to remote working will require managers to orchestrate people and alter your processes to keep your business going while maintaining cyber readiness. At the Cyber Readiness Institute (CRI), we are publishing a series of guides that focus on the cybersecurity implications of remote work, especially for SMEs. We will continue to publish advice and share free tools during this critical time. You can find our latest guides here, including our most recent guide to help managers that are now dealing with a virtual workforce.