Managing Your IT Risk During the COVID-19 Crisis
The COVID-19 pandemic has companies searching for alternative ways to conduct business. In light of CDC recommendations to practice social distancing, organizations are relying heavily on online conferencing platforms and telecommuting to sustain operations and support their customers. Implementation of these solutions is fairly simple. Even companies with limited resources can implement a “Bring Your Own Device” (BYOD) Policy and eliminate the need to purchase new equipment. However, businesses need to address the security risks associated with adding employees’ personal devices to their IT infrastructure.
Personal devices may be infected or compromised and could bypass security controls and/or disable security counter measures. Additionally, allowing employees or contractors to save company data on personal devices relinquishes data control/protections. Finally, teleconferencing increases opportunities for bad actors to intercept/eavesdrop on poorly configured computer systems and software applications. Although these risks exist, they can be mitigated by implementing cybersecurity countermeasure’s like Virtual Private Network (VPN) and Mobile Device Management (MDM) solutions.
A VPN solution establishes an encrypted communication channel between off-premise devices (e.g., laptop, tablet, mobile phone, etc.) and the corporate network. This is critical when employees are connecting to the corporate network from open or unsecured wireless networks. Using a VPN, employees can securely connect to digital resources and can prevent disclosure of private information.
MDM solutions provide companies with several ways to mitigate potential threats associated with use of personal devices to connect to corporate networks. These solutions include several features, including:
- Device compliance to ensure devices adhere to corporate policies related to:
- Malware protection
- System and software patches
- Device management to enforce security on personal device, including:
- Password management
- Device authentication
- Data Protection features that:
- Enforce data storage restrictions
- Allow remote data wiping to ensure data is not stored on personal devices
- Applies encryption to company data
Implementation of these types of solutions allows companies to address risk associated with BYOD policies without sacrificing security.
For additional guidance on risk mitigation strategies, please connect with a member of MFA’s IT Advisory Team.
Material discussed in this communication is meant to provide general information and should not be acted on without obtaining professional advice tailored to you or your company’s individual and specific needs. Any tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used by any person or entity, for the purpose of (i) avoiding penalties that may be imposed on any taxpayer or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein. This information is for general guidance only and is not a substitute for professional advice.
The information contained herein should not be construed as personalized investment advice. Investment in securities involves the risk of loss, and past performance is no guarantee of future results. There is no guarantee that the views and opinions expressed in this document will come to pass. Historical performance results for investment indexes and/or categories generally do not reflect the deduction of transaction and/or custodial charges or the deduction of an investment-management fee, the incurrence of which would have the effect of decreasing historical performance results. There can be no assurances that your portfolio will match or outperform any particular benchmark.
Information presented was obtained from sources deemed qualified and reliable; however, MFA makes no representations as to accuracy, completeness, suitability, or validity of any information within this communication and will not be liable for any errors, omissions, or delays in this information or any losses, injuries, or damages arising from its display or use. Any forward-looking statements are believed to be reasonable; however, MFA gives no assurance that such expectations will prove to be correct.