Part of the Cyber Maturity series of articles, this section focuses on Home and Mobile Working.
Quoting the 10 Steps to Cyber Security Guidance Sheets:
Mobile working offers great business benefit but exposes the organisation to risks that will be challenging to manage. Mobile working extends the corporate security boundary to the user’s location. It is advisable for organisations to establish risk-based policies and procedures that cover all types of mobile devices and flexible working if they are to effectively manage the risks. Organisations should also plan for an increase in the number of security incidents and have a strategy in place to manage the loss or compromise of personal and commercially sensitive information and any legal, regulatory or reputational impact that may result.
The specific recommendations are:
- Assess the risks and create a mobile working security policy
- Educate users and maintain their awareness
- Apply the secure baseline build
- Protect data at rest
- Protect data in transit
- Review the corporate incident management plans
What are your experiences in this area? How are you managing these controls?
Please share with the community in the comments area below.
- CPNI guidance on remote working
- CESG Good Practice Guide No. 10 (GPG10), Remote Working
Where is good practice referenced? Please let the community know in the comments area below.
The pages referenced in this series of blog articles are derived from the 10 Steps to Cyber Security Guidance Sheets published by BIS and GCHQ in this press release.
The documents are Crown Copyright and used here with permission under the government open license.