As organizations explore various alternate workplace options in response to COVID-19, CISA recommends examining the security of information technology systems by taking the following steps:
- Secure systems that enable remote access.
- Ensure Virtual Private Network and other remote access systems are fully patched.
- Enhance system monitoring to receive early detection and alerts on abnormal activity.
- Implement multi-factor authentication
- Ensure all machines have properly configured firewalls as well as anti-malware and intrusion prevention installed.
- Test remote access solutions capacity or increase capacity
- Ensure continuity of operations plans or business continuity plans are up-to-date.
- Increase awareness of information technology support mechanisms for employees who work remotely.
- Update incident response plans to consider workforce changes in a distributed environment.