Essential WFH cybersecurity tools and best practices
The above list of threat classes covers a lot of ground. But by taking an 80/20 approach, and focusing on the most essential WFH cybersecurity tools and best practices, firms can realize significant improvements in their cybersecurity posture relatively quickly. The following five tools and best practices are excellent places to start for most investment businesses:
EDRR or MDRR: A robust Endpoint Detection, Response and Remediation (EDRR) solution is an essential part of ensuring organizational security in a WFH world—because it offers a way to monitor, defend, and respond to threats on endpoints both inside and outside of the office. Firms should seek a solution that is proven, effective, and tailored to the unique needs of their industry. EDRR solutions can be challenging to implement and manage for firms with limited technical resources; for such organizations, a Managed Detection, Response and Remediation (MDRR) service offered by a trusted technical partner might be a better fit.
MFA: Multifactor authentication (MFA) is an absolutely non-negotiable cybersecurity best practice in today’s world. Given the widespread use of personal mobile devices and the danger of SIM-swapping attacks, MFA based on SMS text messages is not recommended. Safer options include MFA implementations that use authenticator apps, biometrics, or physical security keys.
DLP planning: A good data loss prevention plan is one of the best ways to protect an organization’s assets and ensure compliance. DLP plans should include protocols to prevent data exfiltration by malicious insiders—as well as by third parties with access to sensitive data. In a WFH context, a comprehensive DLP plan must account for the fact that privileged users will not always be on the company network or working on company-issued devices.
Access controls, auditing, and monitoring: In many ways, good cybersecurity is similar to good accounting or financial decision-making. It’s imperative to have well-thought-out policies and governance at the outset and ongoing vigilance to ensure everything is being done correctly. Investment businesses should implement strong access controls for all employees and contractors, both in the office and at home, to minimize the chance of unauthorized access to networks, systems, and data. By conducting periodic audits and regular monitoring, firms can make sure that these best practices and policies are actually being followed—and take corrective action if needed.
Security awareness training: Done correctly, security awareness training can be profoundly empowering for everyone involved. It alerts employees to new and current risks and defines a strategy for them to follow if they suspect they have been compromised. A cyber-educated workforce thus becomes a vital first line of defense for the organization—and a valuable resource for IT teams, who need as much data and information as possible to keep their users secure.
Next steps for improving cyber readiness
For organizations unsure of their current level of cyber readiness vis-à-vis WFH employees, here are three next steps to take:
1. Perform a comprehensive cybersecurity audit. Review all cybersecurity policies and procedures to ensure your processes are up to date and relevant to WFH users as well as in-office users. If you need help, get help—preferably from a cybersecurity partner that understands your industry and the complex regulatory and compliance requirements involved.
2. Based on the results of the audit, identify the most significant gaps in your current cybersecurity posture. Prioritize the steps that you would need to take to remediate these gaps—taking into account factors such as the likelihood and potential impact of an incident, regulatory and compliance requirements, remediation timeline, and cost.
3. Work with your internal cybersecurity team or a trusted third-party cybersecurity service provider to create a medium- to long-term plan to implement a mature cybersecurity program.