Remote Work

Guidance to Implement

Develop and distribute detailed guidelines for securing home networks. Offer remote support resources.

Guidance to Audit

Guideline documents and employee acknowledgment receipts.

Guidance to Implement

Enforce VPN usage through network policies and continuously monitor remote connections.

Guidance to Audit

VPN usage logs and network access control reports.

Guidance to Implement

Implement device enrollment and management policies (MDM) and verify compliance before granting remote access.

Guidance to Audit

Device enrollment records and compliance reports.

Guidance to Implement

Deploy automated compliance scans for remote devices and remediate non-compliant cases promptly.

Guidance to Audit

Compliance scan reports and remediation records.

Guidance to Implement

Deploy advanced access solutions (like jump servers) for critical systems and log all sessions.

Guidance to Audit

Session logs and advanced access configuration records.

Guidance to Implement

Establish a pre-travel notification workflow

Guidance to Audit

Travel forms

Guidance to Implement

Set up a dedicated reporting channel (e.g., hotline or mobile app) for travel-related incidents and train employees on its use.

Guidance to Audit

Incident reports and hotline call logs.

Guidance to Implement

Include hotel safe usage guidelines in travel protocols and encourage their use.

Guidance to Audit

Travel policy documents and employee acknowledgment records.

Guidance to Implement

Advise employees on data minimization and enforce encryption for any data carried during travel.

Guidance to Audit

Travel checklists and data minimization policy documents.

Guidance to Implement

Incorporate clear guidelines for asset supervision during travel and emphasize vigilance in training.

Guidance to Audit

Travel supervision logs and incident reports.

Guidance to Implement

Educate employees to lock their devices as soon as they are not in use. Reinforce via policy reminders.

Guidance to Audit

Policy documents and training attendance records.

Guidance to Implement

Provide guidelines on maintaining discretion during external interactions, include role-playing scenarios in training.

Guidance to Audit

Travel policy documents.

Establish guidelines and best practices for securing remote work and workspaces

Guidance to Implement

Guidance to Audit

Mandate secure VPN usage for all remote work connections

Guidance to Implement

Guidance to Audit

Restrict remote work to company-approved devices only

Guidance to Implement

Guidance to Audit

Schedule regular compliance checks to ensure accounts and remote devices meet security standards

Guidance to Implement

Guidance to Audit

Implement enhanced security protocols (e.g. jump servers, just-in-time access) for critical remote systems

Guidance to Implement

Guidance to Audit

Notify the security team prior to business travel

Guidance to Implement

Guidance to Audit

Report any unusual incidents or security concerns during business trips

Guidance to Implement

Guidance to Audit

Utilize hotel safes for storing sensitive items when available

Guidance to Implement

Guidance to Audit

Limit travel to only essential documents and data

Guidance to Implement

Guidance to Audit

Ensure documents and IT equipment are never left unattended in public areas

Guidance to Implement

Guidance to Audit

Lock devices immediately when not in use

Guidance to Implement

Guidance to Audit

Exercise discretion during external interactions

Guidance to Implement

Guidance to Audit