March 20 - COVID-19 infosec awareness special

Today I trawled through our back catalog of information security awareness content for anything pertinent to COVID-19. The "Off-site working" security awareness module published less than a year ago is right on the button. 

"Off-site working" complements the "on-site working" awareness module, about the information risk and security aspects of working on corporate premises in conventional offices and similar workplaces. Off-site concerns the information risk and security aspects of working from home or on-the-road (e.g. from hotels or customer premises), often using portable IT equipment and working independently ... which is exactly the situation many of us are in right now.

Off-site working changes the information risks compared to working in purpose-built corporate offices. Mostly, the risks increase in line with the complexities of remote access, portability and physical dispersion … but offsetting that, off-site working can be convenient, productive and popular, and patently there are business continuity advantages in working through incidents such as COVID-19. 

Implementing appropriate security controls makes it work, on the whole, with security awareness being an essential part of the mix. People need to know about and follow the rules.

Several other awareness modules may also be pertinent. Even if you have home working security awareness covered already, there's plenty more worth saying!