iCybersecurity Reminders
-
Ongoing Communications and Refresher Training
-
Tell employees how company communications and updates will be provided
-
Direct employees to review relevant policies, procedures and related technical controls
-
Don’t let tunnel vision on the matter at hand create additional risk exposure
-
-
Remote Workers and Virtual Environments
-
Remind employees of security requirements and permissible uses for VPN or other remote network access
-
Reinforce device management policies and controls
-
Ensure infrastructure support / business continuity teams are on the ready and load test (as applicable)
-
-
Remain Vigilant and Remind Employees to Do the Same
-
Be prepared for phishing attacks, clickbait and other cyber scams
-
Use trusted resources such as government websites
-
Verify an organization’s authenticity (e.g., charitable organizations)
-
Privacy Considerations
-
Collecting or Accessing Employee or Client/Customer Personal Information
-
Continue to follow internal processes and legal standards when collecting personal data (including health information or travel information)
-
Consider whether new policies should be developed, specific to data collection and processing related to triaging COVID-19 related issues
-
-
Disclosing Personal Information
-
Ensure disclosures to government officials or other third parties are permissible by law and privacy notices as well as client/customer contracts
-
The following content was presented by Tara Cho during a live webinar on March 13, 2020.
