With the World Health Organisation declaring the Coronavirus disease (COVID-19) outbreak a global pandemic, organisations have been thrust into a period of uncertainty, with many needing to adapt their business operations to maintain service continuity. With global advice driving organisations towards a period of remote working and self-isolation/social distancing to control the outbreak, it’s important for organisations to balance the welfare of their staff with the needs of the business.
However, reacting to a state of emergency without the proper considerations for business planning, communication and security can result in a disaster for an organisation’s cybersecurity posture.
Often, organisations have teams and functions on either side of the remote working coin – some are set up to work remotely and are experienced at doing so, others may typically be used to a fixed office location. The challenge comes at times like these when everyone is required to work remotely. There are some simple things that organisations can do when considering remote working that allow them to maintain an effective working culture that, in turn, helps to ensure that staff wellbeing is considered alongside the required security controls.
It is essential that planning is considered when changing the way in which an organisation works, particularly for consideration for returning to ‘normal’. Whether it relates to setting objectives for staff, or for managing the expectations of customers if there is going to be a reduction in normal service, effective business planning ensures that operations are fully considered in order to provide a seamless continuation of service.
It is important to recognise that an office environment is difficult (nearly impossible!) to replicate when working remotely. This can present a cultural change that is difficult to adjust to for staff who are used to the hustle and bustle of an office. Add to that security controls, which are often taken for granted. It is important for managers to maintain an effective level of communication with all stakeholders, to ensure that business activities continue to be delivered with normal, if not more, considerations for security.
Working remotely often brings organisational challenges for collaborating securely. When planning for remote working, it is important to consider the security controls that form part of our daily activities and how these may need to be considered differently when remote.
These simple tips and reminders may help:
With specific reference to staff where working remotely is not part of their normal job requirement, it is important to maintain the right level of motivation. Whether it be focusing on delivering ‘business as usual’ activities from a different location, or participating in regular virtual catch up meetings, organisations who achieve a balance between business and staff wellbeing are often the most successful at continuing business activities through adversity.
Whatever your organisation’s position, it is important to recognise that business culture can be affected when changing an organisation’s normal business activity, particularly in relation to mitigating a health concern – by maintaining a balance, working remotely can be effective and safe.
The Cyber Resilience Assessment delivers value in three key areas, lessons learnt, security posture and future strategy.