Recent events turned our working lives upside down. With very little notice, millions of people around the world were sent home from their offices to suddenly adopt a remote work lifestyle. Four months into this adventure, most knowledge workers have adapted to working styles that replace conference rooms with video meetings and coffee chats with virtual happy hours.

I believe that we’ve arrived at a new normal where remote work will become a standard arrangement for knowledge workers. Both companies and employees will benefit from this approach. While employees can better balance their lives, companies will be able to reduce overhead expenses by consolidating and eliminating expensive physical offices. This work style comes with new cybersecurity considerations, and I urge organizations to adopt six key practices to adapt to our new working patterns.

The global pandemic and social distancing measures have redefined the office for many people. Industries that never would have considered allowing their office employees to work from home were forced to rethink decades of business as usual.

This change has also brought new technology needs. Since these businesses had built technology infrastructures that relied on traditional network and application architecture, a shift had to occur. Suddenly, IT departments were dealing with overloaded VPNs or having to deploy a VPN that they never had to maintain before. Compound that with the fact that users are now accessing company resources from networks or assets that corporate IT has no control over, that most home routers are still vulnerable to exploitation and that, in many cases, the network gates were flung open in the name of productivity ― it’s enough to give any CISO an ulcer.

So how can companies mitigate these risks? Now that everyone is settling into a routine and we’re adjusting to this “new normal,” it’s an ideal time to reach out to your users and talk about security.

I heard a question the other day that caught me off guard. “Why do you guys even sell IPS (Intrusion Prevention Systems), is there even value in that anymore? Shouldn’t you just recommend patching vulnerable systems?” 

Benjamin Franklin’s famous axiom is as true today, regarding data loss prevention (DLP), as it was when Franklin first made the quote.  While Franklin was actually addressing “fire safety,” data loss incidents today can cause organizations, both large and small, to “get burned.” Many IT chiefs are spending a vast majority of their precious budgets…

Vulnerability scanning and reporting are becoming a driving need within healthcare.  As advanced persistent threats or APTs are on the rise and constant exploits are being found, IT staffs are not always able to patch/update healthcare systems due to equipment guidelines. Having the tools in place to see potential issues and mitigate risk helps IT…

The Policy applies to the full lifecycle of CJI including its creation, viewing, modification, transmission, dissemination, storage and eventual destruction. The release of CJIS Policy Version 5.3 in August of this year takes into account the sweeping changes mobile technology has brought to the front lines of public safety services. Executive Summary The CJIS Security…