The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has issued a Telework Essentials Toolkit to assist market leaders, IT workers, and end-users move to long-term teleworking settings.
The COVID-19 pandemic compelled companies to quickly change from having predominately office-based employees to practically letting all personnel to work from home to minimize the probability of disease. The rate at which the change was made possibly brought in security flaws that allowed the organizational cybersecurity defenses to be vulnerable. The CISA Toolkit is supposed to give support to companies to assist them to re-examine and reinforce their cybersecurity defenses and completely move into a permanent teleworking setup.
The Toolkit contains three individualized modules which consist of best practices for IT specialists, executive leaders, and teleworkers, and detail the security factors suitable to every position.
Executive leaders are given information to assist them to push for a cybersecurity tactic, investment, and create a cyber secure hybrid setup in their company. Resources are offered to help company leaders create organizational guidelines and procedures for remote employment, provide cybersecurity training to enhance understanding of threats and hazards when opening organizational systems and data via a network, and moving organizational resources outside of the standard perimeter where they can’t be available to the organization’s tracking and response functions. Advice is given on responding to the fundamentals of cyber hygiene with the employees and giving clear and frequent updates on cybersecurity guidelines.
Guidance for IT experts is centered on the guidelines, procedures, and resources that must be integrated to make sure teleworkers could do the job and access the resources required via a network. The guidance details the value of patching immediately and employing efficient vulnerability management procedures, the requirement for zero trust architecture, frequent data backups, multi-factor authentication, and DMARC validation to deal with the threats of phishing and business email compromise with regards to remote working conditions. IT leaders should additionally state the tools and software that ought to be employed when working wirelessly and give training on using those tools safely.
Everybody has a part to play in the change from short-term to long term remote employment, which include end-users. The third module is focused on teleworkers and gives suggestions on the activities that must be undertaken to work safely from home. For example, making certain that home networks are correctly set up and hardened, adhering to organizational safety procedures and policies, raising familiarity with phishing and social engineering threats, and quickly reporting any suspicious things to the IT security team.
The CISA Telework Essentials Toolkit is available for download on this link.