Cybersecurity Reminders

• Ongoing Communications and Refresher Training

  • Tell employees how company communications and updates will be provided

  • Direct employees to review relevant policies, procedures and related technical controls

  • Don’t let tunnel vision on the matter at hand create additional risk exposure

• Remote Workers and Virtual Environments 

  • Remind employees of security requirements and permissible uses for VPN or other remote network access

  • Reinforce device management policies and controls

  • Ensure infrastructure support / business continuity teams are on the ready and load test (as applicable)

• Remain Vigilant and Remind Employees to Do the Same

  • Be prepared for phishing attacks, clickbait and other cyber scams

  • Use trusted resources such as government websites

  • Verify an organization’s authenticity (e.g., charitable organizations)

Privacy Considerations

• Collecting or Accessing Employee or Client/Customer Personal Information

  • Continue to follow internal processes and legal standards when collecting personal data (including health information or travel information)

  • Consider whether new policies should be developed, specific to data collection and processing related to triaging COVID-19 related issues

• Disclosing Personal Information 

  • Ensure disclosures to government officials or other third parties are permissible by law and privacy notices as well as client/customer contracts

The following content was presented by Tara Cho during a live webinar on March 13, 2020.