Managing IT Security Post-COVID

In the last few articles, we’ve talked about how the return to work isn’t inherently dangerous for your office network IT security, but how employee personal devices might pose a risk to your organization. 

 To finish out our Return to Work series, let’s talk this week about the steps you should take for managing IT security, now that COVID has changed everything. 

TL;DR: COVID changed the whole world, including how your organization should handle IT security, starting now. Top tips: Assume every network is compromised, train your employees on cybersecurity frequently, and buy cyberinsurance. Learn more.  

COVID Changed the World

Aside from the obvious ways in which COVID changed absolutely everything globally — probably permanently — the coronavirus lockdowns also wrought subtle changes while everyone sat at home, doomscrolling through apocalyptic newhttps://www.interplayit.com/contact/s or experiencing tragedy and upheaval themselves. 

Call us philosophical, but an existential experience like this makes people think a lot about the meaning of life, the meaning of their lives – things like that. And while everyone was sitting there, thinking and baking sourdough, a lot of people determined that their work-life balance had to change. 

At this point, Buffer’s 2021 State of Remote Work report shows that an incredible 97% of employees have stated they want to keep working remotely at least some of the time. This realization should create yet another COVID-related change: it should change your tactics for managing IT security

Here are three things to keep in mind moving forward. 

WFH (or From Anywhere) Is Officially a Thing

That statistic from Buffer, about how 97% of employees want to keep working remotely, is sobering. Especially in a high-tech, highly competitive environment like Seattle, this means that large and small employers will have to offer flexible work schedules from now on to attract talented employees. 

Post-COVID, this means that a significant portion of your workforce will be working from goodness-knows-where on any given day and using a combination of company-owned and personally-owned devices. The way you should address this is to simply assume that every network and device your sensitive business data is on is potentially compromised. 

Change your mindset about managing IT security post-COVID and ditch the old firewall tactic that keeps data safe only within a specified special perimeter, like the office building. Instead, update to much more secure Zero Trust Methodologies, which protect data anywhere and everywhere by requiring user and device authentication before granting access. 

In addition, switch to Mobile Device Management / Mobile Access Management solutions like Microsoft Intune, which validates device and user security before granting data access (and refuses access if security protocols aren’t met). 

Training Isn’t “One and Done” Anymore for Managing IT Security

With employees working from anywhere on every device under the sun and traveling in and out of the office network, your organization will have to be much more diligent about training and refresher courses on IT security management. 

Cybercriminals have been busy over the past year and cyberattacks have exploded in frequency and severity. Now, more than ever, it’s extremely important that you and your staff must know how to identify and avoid phishing and malware attacks. 

Change your mindset about IT service management to be more proactive instead of reactive. It’s a good idea to work with a managed IT services firm (we know just the one to recommend!), so you can implement a phishing awareness tool. One example, KnowBe4, trains and retrains employees to become your first line of defense against common cybersecurity attacks like phishing and ransomware. 

In addition, you may want to update your Acceptable Use Policies to clarify how your company is managing IT security post-COVID, and then make those protocols crystal clear to employees through explicit, repeat training and positive reinforcement. 

Cyberinsurance Is Necessary

About that increase in cybercrime… 

Since December 2020, the news keeps stating that each new attack is the “biggest cyberattack ever.” The scary thing is: they’re not wrong. Each month seems to bring bigger, more audacious and destructive hacking attacks, from the SolarWinds and Kaseya attacks that affected MSPs and their clients (including the Pentagon!) to the Microsoft Exchange Server attack that potentially compromised a lot of email addresses and email content. 

In comparison to those attacks, the Colonial Pipeline attack almost seemed quaint. That’s a disturbing thing to say. 

Keeping all that in mind, it’s important to change your mindset about IT security and just get yourself some cyberinsurance. Yes, cyberinsurance has its flaws. Yes, it’s expensive and irritating. But in today’s cybersecurity landscape, it seems like cybercrime has become a “not if, but when” scenario. Cyberinsurance gives you some peace of mind if things go wrong. 

In addition, make sure you maintain a regular backup schedule for your data. The best way to recover from ransomware is to have a backup of your data that you can restore yourself, without having to pay a ransom. 

The World Has Changed – Tactics for Managing IT Security Must Change Too

You know us; we’re not the gloom-and-doom types. We always fundamentally see the bright side in everything, even in all this. The good news about the way the world has changed is that it has given so many more people the freedom to manage their work-life balance better while protecting company assets – and there are wonderful IT security tools that make this easy to manage these days. 

Another bright side: Interplay clients are all being automatically upgraded to advanced cybersecurity coverage and can breathe easier knowing their MSP is still taking good care of them around the clock. 

And just because all good things come in threes: yet another bright side is that any time you have questions about managing IT security, or you need a helping hand, Interplay is here to help you with: 

Get Fast, Friendly, Expert Help Managing IT Security 

For 20 years, the friendly and knowledgeable team at Interplay in Seattle has helped business leaders across a range of industries get more out of their tech, stress free. Not only are we always (and we mean always) happy to offer the best managed IT services, support, and advice, we’re also the team you can trust for the best cocktail recommendations here in Seattle or in Disney World – we’re versatile! All humor aside though, we’d love to help you get your IT running smoothly and securely, around the clock.