Back to the office!
Many are rushing back to the office as the nation reopens. Some companies want all of their employees vaccinated and in the office, while others are using a hybrid approach. Either way, we’re back and ready to go! But, are we?
The devil is in the details
When COVID hit, there was a mad scramble to abandon the office and flee to the safety of our homes. What was thought to be a short stint of two weeks turned into a 15-month ordeal. During that time, many employers never addressed the security issues associated with working-from-home (WFH).
Companies allowed employees to log into their systems with hastily deployed VPNs without hardening home networks. In many cases, employees used their company-issued laptops for personal enjoyment, like shopping, surfing the net, etc.—all outside of the corporate protective bubble.
Others took their laptops to states or countries with better climates, which begs the question, “were proper security precautions taken while using WiFi in hotels or other temporary accommodations?”
Let’s face it, if people didn’t take precautions within their homes, how much security did they use when away?
The hidden danger: Malware may be sitting on employee laptops, gathering information, and ready to spring into action as soon as they connect directly to the office network.
Assume that devices coming back to the office are compromised
Taking this posture puts everyone on guard for possible issues. Think in advance and put policies and procedures in place to protect your company:
- Ensure that network security programs are updated, operational, and ready to detect anomalies when returning devices are connected.
- Scan all devices for vulnerabilities before connecting them.
- Make sure that only company-approved software is used. Remove all unauthorized programs.
- Validate that all software is up to date, including operating systems and third-party programs.
- If in doubt, wipe out machines and reinstall corporate-approved software.
- Scrutinize your network for any signs of abnormal behavior. Always be monitoring!
- Dust off your company’s Incident Response Plan, review and update it as necessary, and make sure it is ready to go.
Let’s not make the same mistakes that we made going into the pandemic by rushing things and not taking the necessary precautions—plan in advance for the return of your employees. Work in stages, and make sure all equipment is secure BEFORE reconnecting them back to the network.
All it takes is one “sleeper virus” to spring a surprise ransomware attack on your company to cause a lot of grief. Be safe.
XSolutions is an IT Services Provider serving New York (NY), New Jersey (NJ), and Connecticut (CT). We provide Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection. Call (845) 362-9675 for a free consultation.