March 30, 2020
As a CIO, IT Manager or Senior Executive you may experience a sense of mild panic at the prospect of high numbers of staff suddenly vacating the office to work remotely. That’s unsurprising but the world as we know it is changing due to COVID-19.
The solution is preparedness. It’s never too late to formalise arrangements by drafting a sound and robust remote access policy. Everybody needs to fully understand what is expected of them:
Users – How to continue to be productive while appreciating the dangers posed by devices that are remotely connected to the organisation’s systems.
Managers – How to give remote workers the fullest possible access to the organisation’s systems while ensuring that security is tightly maintained (and risks are managed).
Technical – The special and/or additional safeguards (controls and measures) that need to be in place to protect the organisation’s networks, systems, data and people.
There is no one-size-fits-all policy but there are a number of core best-practice principles. By addressing each one as fully as possible you mitigate the risk of a “nobody told me that” scenario. Minimising confusion by maximising clarity and scope is the overarching guiding principle.
In our long experience of helping organisations and businesses to formulate remote access and other IT policies, some primary guidelines have stood out in almost every case.
Rule #1 – Policies with the most impact contain well written high-level statements documenting the rules and guidelines around systems management, operation and use.
Rule #2 – Producing good policy content triggers the creation of excellent supporting process and procedures documentation.
Rule #3 – Stakeholder engagement encourages buy-in and leads more readily to smooth policy adoption and compliance.
It’s our job to help you arrive at your destination safely by implementing a remote access policy that is clear, unambiguous and easily understood.
Our experts have helped many organisations navigate the development, delivery and maintenance of policies which are key to mitigating cybersecurity risks.
In the current fast moving and uncertain environment, the combination of people, process and technology is going to be fully tested in many cases. Make sure that your organisation wins that battle.
Our policies cover all of the many important areas for safe and secure remote access. Here is a small sample of the type of guidance they cover. Each audience (user, manager, technical) is addressed in a separate policy document.
In this newsletter we’ve focused on the need to have a good, easy to understand remote access policy in place. Ideally for this particular policy to be effective it should be written contextually to reflect three user types – General User, Manager and Technical User.
Policy Management as a Service from PPS delivers a comprehensive suite of IT policies that are branded and customised to reflect our customers’ business requirements. Where required, your corporate language can be used to ensure policies are written contextually to reflect the three user types above.
All policies are aligned to best practices and recognised international standards. Once the system is deployed, our experts continuously ensure the contents are kept up to date and relevant on your behalf.
A well written remote access policy does more than just protect your business. It boosts morale because it demonstrates to staff quite clearly that the organisation is serious about cybersecurity. You have enlisted their support with documentation that is unambiguous, to the point and easy to understand.
This breeds a positive and proactive attitude, which is widely acknowledged as being a significant element of every successful security system.
Let the experts help you. Click below to view the video about our service.
IT Policy System walkthrough video:
To arrange an IT Policy System discussion or demonstration please contact Emma Tickner.