Understand what you should consider to strengthen cybersecurity policies and practices.
The pandemic has changed working remotely from a forward-thinking perk to a business necessity. This change has dramatically broadened the attack surface upon which businesses must protect against attacks upon their business by hackers. The situation is complicated by the rushed way this change occurred, denying businesses the opportunity to methodically examine the people, processes, and technology that can safeguard business data. This topic is designed to address the question of what topics a business should consider strengthening cybersecurity policies and practices.
Learning Objectives
- You will be able to understand the rise of remote workers and its impact on security.
- You will be able to identify complications associated with the increase in hacking activity targeting remote workers.
- You will be able to develop strategies for monitoring remote workers without infringing on privacy rights.
- You will be able to assess the use of machine learning for employee monitoring and its ethical considerations.
Agenda
Introduction
- Approach
- Situation, Complications, Question
- People, Process, Technology
- Speaker Background
Situation, Complications, Question
- Situation - Rise of Remote Workers
- Complications - Increase in Hacking Activity
- Question - How Can We Better Secure Remote Workers?
People
- Deciding Who Should Be Remote
- Training Remote Workers
- Security Policies
- Compromise Risk, e.g. Malware, Phishing, etc.
- Monitoring Remote Workers
- Avoiding the 24/7/365 Issues
- IT Support
Process and Policies
- Personal Use of Provisioned Device/VM
- Bring Your Own Device (BYOD) Policies
- Identification and Authorization (IAM) Policies and Procedures
- Access to External Storage
- USB, NAS
- Use of Cloud Storage, e.g. Onedrive®, Google Drive™, Icloud®, etc.
- Data Loss Prevention (DLP) Solutions
- Collaborative Platforms, e.g. Teams, Zoom®, etc.
- Encryption of Data in Transit and at Rest
- Multi-Form Authentication
Technology
- Provisioned Equipment, I.E. a Company Laptop
- Hardened Virtual Machines (VM)
- Virtual Private Networks (VPN)
- Automated (Forced) Security Updates
- Malware Protections, e.g. Norton™, Kaspersky Anti-Virus, etc.
- Ml Employee Monitoring
Conclusions
Questions
Speakers
Patrick T. Cronin, Esq.,
Eastern Computer Forensics- Senior manager for Accenture, an international system integrator; Accenture is a consultancy which enables their clients’ team so their clients can implement the processes and technology to deliver data excellence and drive their business forward; Patrick’s focus is privacy and data governance
- Principal for 10 years in the forensic firm of Eastern Computer Forensics; Eastern Computer Forensics provides litigation support to law firms in the areas of data analysis, historic cell tower analysis, and forensic cell phone/hard drive analysis
- Conducts regular seminars on data analysis and data visualization for attorneys
- Has been admitted in both criminal and civil proceedings as an expert on data analysis topics
- J.D. degree, Rutgers University; B.S. degree in computer science, William Paterson University; cert. forensic analysis, Champlain College; cert. data analysis, Johns Hopkins University
- Can be contacted at patrick_t_cronin@msn.com
Who Should Attend
This live webinar is designed for presidents, vice presidents, business owners and managers, supervisors, directors, associates, administrative professionals, sales professionals, marketing professionals, and IT professionals.