Horizons Fall/Winter 2020

N o one has ever seen a year like 2020. These are unprecedented times for all of us — individuals, families, and organizations alike. As we continue adapting to the changing conditions and begin looking ahead, it is important for organizations to review the actions they have taken in response to the COVID-19 pandemic and assess the effects of those actions on the organization’s cybersecurity posture. The imposition of quarantines to contain the pandemic forced thousands of accounting firms, their clients, and corporate finance departments to convert, often overnight, to 100% remote work and/or a mix of working remotely on certain days. Now is the time to take a careful look at the IT security aspects of technology setups, both for remote work and a mixed environment (some at home, some at the office). Concern: In the rush to get employees who typically work in office environments productive with remote working arrangements, many organizations purchased hardware (e.g., laptops) from retail stores and had to configure them on the fly. Many of those employers may not have had enough time to fully understand how to secure and harden these machines before introducing them into the production environment. Having machines operate in the production environment when they are not fully vetted could increase the risk of malware or ransomware being introduced. Recommendation: Ideally, secure and standardize the hardware prior to use. If that was not possible, stop now and assess the security as soon as possible. For the future, have a plan for securely deploying and maintaining new hardware. Area of Interest 1: Hardware Configurations

Fall/Winter 2020

15