Regular readers of my blogs will have noticed that I appear to be somewhat obsessed with the idea of returning to the office. That is indeed correct, although I am not sure if I am motivated by the need to be around other humans or just further away from my biscuit tin! Anyhow, this blog focuses on IT “things” to think about when you return to that previously deserted workplace and prepare to switch on all the IT equipment that has laid dormant for the last 4 months.
Now, I can’t claim to be a general technical guru (although I do know my cyber stuff!) I merely want to give you some thoughts to consider yourselves and questions to ask if you are fortunate enough to have an IT service provider in place to help you.
So, in true Top of the Pops style… here are my Top Ten Tips for the workplace return.
10. Update and Patch Devices
Any devices which have been switched off for the last few months will be out of date with security updates and patches. Turn them on and run an update, well in advance of the office opening date (some of these patches take an age to update). Also, remember to patch and update other devices, such as server routers, firewalls, wireless access points, printers and Network Attached Storage (NAS) devices. Hopefully your IT service provider will have centralised patch deployment – if not, you will need to check every machine manually.
9. Make sure Antivirus is up to date
Again, one of those things that runs away in the background that is largely unheeded by users. Ensure that every device has an updated version before people start opening files and accessing the internet.
During the pandemic we have seen an increase in people using personal devices to be able to continue to operate (known as Bring Your Own Device (BYOD)). It may be the case that these devices are storing files only on the device (locally) and are not subject to a backup regime. Now is a good time to get all business data off personal devices and onto the organisation network, where it will be backed up as part of the normal routine. Remember to delete all business-related data off personal devices, especially any personal information that might put you at risk of a data breach. Also, check with your cloud service provider that the storage location of your data fits with your documented requirements under GDPR/Data Protection 2018 regulations. Cloud storage as a service is a great way to provide resilience and always on access to important documents – maybe it’s time to revise your IT strategy to ensure that data is always available.
Remembering your password after two weeks summer holiday is often a challenge – imagine how difficult it will be after four months! Be prepared for lots of password re-set requests on day one back in the office. Maybe this is an opportunity to force a password re-set for all. Be mindful of the advice from the National Cyber Security Centre (NCSC) on strong passwords and choose a minimum of three random words. Password managers are good tools to adopt too.
6. Changes to the Network Perimeter
To enable us to work from home, many IT departments implemented remote access solutions, such as Virtual Private Networks (VPN). These can pose a risk of exposing services to the internet that may have not be appropriately configured. Remember to close down any ports on your office router or firewall that may have been opened to facilitate remote working but are no longer required. Additionally, if you have on boarded any new staff during lockdown who have devices that haven’t been on the network before, make sure you take time to integrate these in a safe way.
5. Check software hasn’t expired
Outdated software brings a couple of issues – should you have missed the invitation to renew in the backlog of emails, the software required to undertake a particular task may no longer be available to you. More problematic than that, outdated software won’t have been sufficiently patched and could cause vulnerabilities on your system.
4. Sync mailboxes
Again, a task to undertake before day 1 back in the office. Depending on how popular your users are, it can take a while for Outlook to update. When the computers are back up and running, fully updated and patched, open Outlook and let it sync. Could save a long wait…
As with other office devices, printers have sat dormant for a long while now. Deskjet and Inkjet printer heads may have gummed up and won’t be able to operate as they used to. Try running the cleaning routine or replacing the print head to resolve the issue.
2. Multi Factor Authentication
This bright new world may be a good time to improve overall security by introducing multi factor or two factor authentication (MFA/2FA). This has become very commonplace in our daily lives with our banking and some shopping apps. Using MFA in the workplace can reduce the likelihood of a successful account compromise.
1. Cyber Training
During the COVID outbreak, cyber criminals have not gone away. If anything, they have been super inventive and agile in adapting their latest scam to reflect the changing conditions of the pandemic. Over the past 4 months or so, 2,866 victims have lost a combined total of over £11,316,266 to scams. Business Email Compromise, Mandate Fraud and Phishing remain the weapons of choice for our perpetrators. Now, more than ever, it is vital that cyber awareness training is undertaken. NCSC have recently updated the excellent Top Tips e-learning package – a 30-minute overview of general cyber awareness with good signposting for more information. Well worth including in a suite of “welcome back to the office” training measures.
As I mentioned at the introduction to this blog – this is just a whistle stop tour of things IT related to consider when returning to the office. As ever, there is more really great information available on the SCVO Information Hub with signposting to resources such as risk assessments and other office related practicalities.
Now, where did I leave my biscuits??? That was hard work!!