How to facilitate a cyber safe return to the office

Part 2 - Focusing on technology, controls, resilience and access

Most companies were not prepared for the surge of remote working that ensued as a result of COVID-19 and the subsequent lockdown. Even companies such as Zoom and Teams, which many of us quickly adopted, struggled to cope with the dramatic shift in working practices.  

To accommodate the home working surge, temporary measures were adopted, concessions were made, free trials snapped up and solutions quickly introduced. Now that lockdown is easing, there is no better time to review those snap decisions and put long term policies in place. Have you loosened the reigns too much, is your infrastructure creaking under the strain of increased utilisation, is your user base used to freedoms that usually wouldn’t have made it through security assurance processes? 

 

“The Password”… Not gone quite yet… 

Many companies eased their password requirements to accommodate lockdown. Especially those who were unable to facilitate self-service account management practices. If you are able to facilitate remote password resetswe recommend doing so asap. If you are not able to do this, you may receive a large number of support requests as users return to the office. We have a few solutions that can help to minimise support requests and accommodate remote password resets, get in touch for advice. 

New ways of working 

The ‘new normal’ introduces a rise in remote working and will likely result in a shift towards hybrid home and office working arrangements. For many companies the office - as we knew it - will be a thing of the past. Amongst the likely logistical and social distancing conversations it’s worth considering how this will affect your security posture. Will your users have seamless access to the systems they need? Equally, will legacy ‘office based’ policies stand up to a workforce that may now be predominantly remote? Do you need to introduce additional measures and toolsets to protect data now that it may be accessed remotely? Will your ITAM systems flex to managing remote assets that may now be shipped directly to end users? 

 

Furloughed staff back en masse 

Maybe, you, or a portion of your business were on the government furlough scheme or accepted reduced hours for the last few months. Your solutions may have ticked along quite happily on limited usage but with the economy picking back up and lockdown easing, it’s worth considering whether your systems are resilient enough and scalable enough to accommodate the full breadth of the workforce returning. 

Housekeeping and New Toolsets 

Remote working quickly scaled up our use of collaboration software such as MS Teams andZoom. It also introduced an uptake in cloud storage solutions such as OneDrive and Google Drive. Many of us adopted new solutions through free trials to accommodate the business’ new ways of working. This provided a great opportunity for us to have tried and tested many new tools that may not have previously been considered. There’s no better time to subjectively review your solutions.  

  • Are there systems that your users have managed to live without?  
  • If systems were adopted through a free trial, will you continue to have the functionality and security features when the trial ends?  
  • Were technologies introduced as temporary measures or to plug an immediate gap that is no longer required?  

Now the dust has settled a little, it’s strongly advised that reviews of these systems are made to ensure that they are optimised. Perhaps there is another solution with lower TCO, improved functionality or that fits the strategy and direction of the organisation more closely.  

Managing ‘JML’ Processes Remotely? 

It’s been a busy time for the job market, lots of movement of staff and most needing to be on-boarded remotely. Unfortunately, there have also been many redundancies resulting in a requirement to manage leavers remotely too. One key question to ask is; “Am I assured that leavers are unable to access company data?” If you are unable to answer this, we have a variety of solutions to help you gain visibility and enforce true RBAC across the entire workforce.  

Joiners & movers processes are likely to change too. With new starters and lateral movers likely not visiting the office, access reviews and privilege management play a core part in ensuring that users have access to only the systems they require to complete their day to day tasks. 

Interested?

Want more information?

Get in touch with us