Extending the network to remote and work-at-home team members expand the attack surface and introduce management complexity; taxing IT support resources. An assessment of potential increased cyber-attacks and fraud need to be considered, and the security envelope broadened to include these employees and the system;
- A technical assessment of any remote systems should be completed, and a Work Plan generated to mitigate risk of cyber attack
- Assessment of current risks by qualified CISO or MS/SP personnel
- Update and testing of Modified Business Impact Analysis Worksheet
- Deployment of Remote Access Tools Usage Policy
- Deployment of Virtual Private Network (VPN) Policy
- Implementation of protective measures (e.g. NG AV, Employee Monitoring tools, etc.)
