2022 Cybersecurity Checklist
We are almost two years into the pandemic and large employers across the country are still battling with work from home and requiring staff to come into the office. Recently, Citigroup, Inc, with over 220,000 employees, notified staff in the New York City area they could once again work from home. The Citigroup memo reads:
“We continue to closely monitor the latest medical data, and your health and safety remain our top priority, Like all of you, we hoped that Covid would be behind us by now, but greatly appreciate your adaptability, support for your colleagues and continued adherence to our safety measures.”
Citigroup is not alone in quickly pivoting its in-the-office stance, financial services firms such as Blackstone, Jeffries Financial Group, Citadel, and Millennium Management also recently told staff they could once again work from home amid a surge in COVID-19 positivity rate. Technology giants such as Apple Inc. and Alphabet Inc.’s Google have indefinitely put off their return-to-office dates with Apple also closing some retail stores in the U.S. and Canada. Universities are having to change direction as Cornell, Princeton and others shifted finals to online. The ride-hailing service Uber recently gave up on trying to predict a return-to-the-office date and shifted the timeline to “yet to be determined” as rival Lyft pushed their return-to-office out to 2023.
In some cases, the shifts in return-to-office (RTO) policies have created tension between management and staff as executives strive for a return to normal, and many employees strive for a redefined and more flexible “normal.” Nearly half of executives want to work from the office every day, contrasted with only 17% of employees, according to an ongoing survey of more than 10,500 white-collar workers in a half-dozen countries by the Future Forum, a research consortium.
Whether your business has returned to the office or made plans for an extended remote work policy, the topic of securing the remote workforce needs to be addressed. With state-sponsored mobile attacks and rapidly growing spear-phishing campaigns, off-network security is critical to protecting your employees, data, and systems. In a work-from-anywhere environment, security starts with knowing and controlling what devices and endpoints your remote workforce is using and how they are connecting while off-premise. As we head into the new year, here are the items that should be on the top of your security checklist regardless of where your employees are working.
- Require VPN for all off-network connections
- Require MFA and strong unique random passwords
- Implement advanced endpoint protection
- Educate your employees on identifying and avoiding phishing attacks
- Know and test your backups and breach response plans
- Begin your migration to zero-trust security
Contact us to learn more about securing your business in 2022