As businesses adapt and bring in place new working from home models, you need to be considering your company's cyber health.
JSA have been working with a Cyber Security company Ravinn recently on our own journey to ISO27001 accreditation, and as such we’ve become highly aware of cyber threats. Also we’ve made sure that we’re ready to roll out our working from home policy for our staff with the correct procedures in place and their full understanding of what is required from them to keep us all safe.
Based on what we’ve learned, here are the things you need to be aware of in light of current events with COVID-19:
For your staff:
- Educate staff to be alert to scam emails/texts/digital communications relating to COVID-19
- Ensure devices for working remotely are secure
- Use multi-factor authentication (including cloud services)
- Educate staff on best practices for cyber security (e.g. locking your workstation when not using it/ keep devices physically secure/ only use approved and configured devices and access points/ only store data in approved locations).
- Brief them on your WFH policy if you have one
For your organisation:
- Review your business continuity plans and procedures and make sure they are effective for the circumstances
- Ensure systems have the latest security patches
- If using a remote desktop client, ensure it is secure
- Ensure physical security is in place for your office
- Prepare for service outages on common services (like WhatsApp/ Skype etc) as more business start working remotely
If you’re keen to know more, we’ve formally partnered with Ravinn, to offer you support at this business critical time. With so much uncertainty, a quick cyber health check can offer you and your staff the reassurance that you and your business is safe working in an online environment, and you can also reassure your customers or clients.
Here’s what we can help you with:
Cyber Health Check
- Assessment of your current state of cyber security looking at
- People – your training, awareness and culture
- Process – your governance, risk awareness and response plans
- Technology – are you configured to be secure
- Action plan for how to remediate the immediate risks
Cyber Resilience Audit
- Full cyber risk and threat assessment
- Report on your current state of cyber resilience and what you should be aiming for
- Detailed action plan to remediate immediate risks AND longer term actions to take to become more secure
If you’re interested to know more, please get in touch with us.