The following content was presented by Tara Cho during a live webinar on March 13, 2020. To view a recording of this presentation, please click here.
Cybersecurity Reminders
- Ongoing Communications and Refresher Training
- Tell employees how company communications and updates will be provided
- Direct employees to review relevant policies, procedures and related technical controls
- Don’t let tunnel vision on the matter at hand create additional risk exposure
- Remote Workers and Virtual Environments
- Remind employees of security requirements and permissible uses for VPN or other remote network access
- Reinforce device management policies and controls
- Ensure infrastructure support / business continuity teams are on the ready and load test (as applicable)
- Remain Vigilant and Remind Employees to Do the Same
- Be prepared for phishing attacks, clickbait and other cyber scams
- Use trusted resources such as government websites
- Verify an organization’s authenticity (e.g., charitable organizations)
Privacy Considerations
- Collecting or Accessing Employee or Client/Customer Personal Information
- Continue to follow internal processes and legal standards when collecting personal data (including health information or travel information)
- Consider whether new policies should be developed, specific to data collection and processing related to triaging COVID-19 related issues
- Disclosing Personal Information
- Ensure disclosures to government officials or other third parties are permissible by law and privacy notices as well as client/customer contracts
- Ensure disclosures to government officials or other third parties are permissible by law and privacy notices as well as client/customer contracts