• Office of the Comptroller

Three Step Cybersecurity Telework Plan

Navigating the current telework environment requires vigilant internal controls to protect equipment and systems from cyber compromise. With a significant increase in cyber fraud it is important to remain focused on security, since cyber incidents can cripple operations and infrastructure. Here is a three-step telework plan to keep security in focus so that operations won’t be disrupted:

  1. Deployment: Issue remote equipment and VPN with basic security protections, controls, and procedures. Capture all deployed equipment in an inventory by employee and track all issues and activity. Issue cyber awareness reminders to all employees.

  2. Security Review: Once equipment is deployed and stable, track on inventory a review of each deployed device, or BYOD personal use device, indicating that the equipment is up-to-date with security patches and updates, home Wi-Fi meets security standards, and one-on-one reminders are given to each employee about cybersecurity risks. This process is painstaking and time consuming, but critical to ensuring and tracking that basic protections are in place. 

  3. Maintenance: Set a schedule to ensure that weekly patches and updates on the inventory continue. Tracking updates will assist with keeping security protections up-to-date.  

We have posted some key tips about how to stay cyber-safe when teleworking. Please share these with staff who are working remotely, and send additional reminders as this period of teleworking continues. See the Cyber Center section for ongoing updates and tools to assist with this plan. 

98 views0 comments