The implementation of corporate information

[rakhirhif8963]

When switching to remote work, Elman Beibutov recommends asking yourself the following questions related to information security. How to avoid hastily providing staff with more access than necessary? How to control which devices are used for connections and block access if user behavior changes? How to ensure that VPN client account passwords are changed and additional authentication factors are introduced? How to ensure prompt response to incidents when everyone is primarily busy ensuring business continuity in the new conditions?

In his opinion, to respond to increased information security risks, it is necessary to: conduct employee training on ensuring the information security of workplaces, remind them of the threats in the conditions of working on the "open" Internet and combining personal activity and work with corporate applications and data on one device; introduce control over the use of basic security measures on user devices (updates, the presence of anti-virus protection, a local firewall, prohibiting remote dominican republic whatsapp data of user devices.

Automate security policies on user devices using unified endpoint management (UEM) solutions; distribute multi-factor authentication as widely as possible when users connect remotely; for VIP users, configure the security of home Wi-Fi routers (change default passwords, check the use of strong encryption, prohibit administration via Wi-Fi, etc.); Privileged users (IT and IS administrators) should be provided with corporate laptops with corporate security tools, required to work only with them, and subjected to an IS hygiene check of their home infrastructure (protection of Wi-Fi hotspots, use of reliable Wi-Fi encryption, use of a reliable DNS server, etc.); administrators should be provided with remote access to IT and IS management tools for continuous monitoring and incident response.