Policies in the Hybrid Environment: Information Security
As individuals continue to work from home, is corporate information and technology secure? Previously we had discussed the policy management dimension surrounding physical security in a hybrid work environment, but significant attention also needs to be given to information security (cybersecurity).
The modern home environment is filled with the internet of things (IoT). Everything is connected - speakers, exercise equipment, wall outlets, televisions, appliances, and more. If any of these devices have a vulnerability or backdoor, then it can compromise corporate data and systems, and if the home network itself is insecure it can compromise corporate data and systems. To support a remote or hybrid work environment it is essential that information security be addressed in home office IT security policies.
Organizations need to:
- Review or write their home office IT security policies to support the remote/hybrid environment. These should address minimum security requirements for the home network and corporate systems and information used remotely.
- Communicate and educate employees on these policies.
- Monitor and enforce these policies to ensure proper IT security controls are in place.
Your organization needs to adjust to the changing business environment and develop a policy management framework that makes it easy for employees within your organization to access and understand corporate policies within a hybrid work environment.
Featured in: Policy Management, OCEG HQ