March 17, 2020
Promoting A Secure Approach To Working From Home
Organizations around the globe are working to ensure service delivery and business continuity amid the COVID-19 crisis. KPMG Lower Gulf has put together the checklist below to guide organizations on providing secure remote access to their staff members, without contributing to security weaknesses.
- Share the organization’s teleworking/mobile device access policy
- Share the organization’s Business Continuity policy and Health and Safety policy
- Remind staff not to use organization-owned devices for personal activities or personal devices for work purposes
- Reiterate the importance of avoiding public/untrusted internet access
- Remind your staff to avoid or be careful when working in public areas
- Use a company provided or commercial VPN for remote access
- Provide multi-factor authentication for all staff
- If multi-factor authentication is not viable for all users, do not allow administrative accounts to be used for remote access. Administrative accounts should only be used after remote access has been made to an internal system or jump host