The coronavirus continues to hurt the wellbeing of each and everyone one of us, affecting everyday life and the global economy. Office shutdowns have been ordered by governments and many businesses are now working with an entirely remote workforce for the first time.
Keeping productivity as high as possible and eliminating IT-led outages is going to be your modus-operandi for the next few weeks and months. It’s critical that you not only keep the lights on and data accessible, but that you proactively keep corporate data as secure as if all employees were on-site within the corporate firewall.
Here are the factors to consider.
The fast-moving landscape caused by the virus has also created a state where hackers, scammers and spammers are thriving. Without doubt having an influx of home workers raises the threat profile for your organisation as attack surfaces increase. Re-evaluate your IT policies, and update to support a remote workforce. Use tools at your disposal already to set up alarms and alerts that flag unusual activities.
In these times of stress and distraction, employees are more likely to fall for malicious scams and tricks. Experts report that thousands of new domains are being developed every day to host phishing attacks and trick unsuspecting victims into clicking malicious links. Consider sending a list of the valid URLs for your staff to check against.
Ensure you make known all the ways that your IT department will communicate with staff. Let them know the official channels via a help desk system, content manager, specified email addresses or messaging systems like Slack and Microsoft Teams so that they can be wary of anything that arrives via other channels.
Think about where you keep your backups and if that needs to change. It’s common industry advice to adopt the “3-2-1” rule, which states you must have at least three copies of your data, which consists of the original production data copy and two backups. The two refers to having at least two different types of media to store copies of your data, for example, local disk and cloud. Finally, you need to keep at least one backup offline or offsite, or in an immutable state.
If you’re going to give your staff the ability to restore their computer in the event of issues, it’s critical they understand the importance of backups. Issue an educational communication stating how to conduct a backup locally, where to store files, and when backups should take place to minimise the effect on ‘live’ environments.
Given there will be workers using their own laptops, and with no on-site IT available, ensuring local recovery tools are in place is a must. This will allow a remote worker to restore their laptop to a working configuration without any external help.
As you likely know already, not every backup job completes – and those that do are not always reliable. Ensure your copies are usable and can be trusted for restores by testing them through your backup tool or console, and this can even be done with your backups in the cloud through a provider’s dashboard.
If you’re not making use of or don’t have a file share system that is remotely accessible or a cloud hosted file exchange, now would be a good time to investigate and fix this. The proliferation of corporate data being shared on unsecure consumer services and platforms that aren’t authorised by corporate IT is high, and the need for access to centrally-stored files and resources will not disappear after the viral threat eases.
Another good task to do right now is check for file copies and see where you have duplication. Where it is possible, look to apply deduplication, and compression tools, and enable small file optimisation.
If you can adapt quickly and take onboard some of the points mentioned above, you put your organisation in a better place to tackle what lies ahead – whatever that may look like.
All tips worth considering. Speak with Austbrokers Terrace about Cyber Insurance.
Source: Inside Small Business