7 ISSUE 6 | 2020 Steven Ward has over 29 years’ experience in technology with 14 years in community banking technology, and currently serves as CSI’s vCIO manager. 2. Create an Acceptable Use Policy In this new hybrid reality, employees may be more likely to use corporate-owned devices for personal business. Create and communicate a clear acceptable use policy and outline your specific policies for business devices. Your institution’s acceptable use policy should also explicitly address work-from-home environments to educate employees on expectations and risks of remote work. 3. Use Mobile Device Management If your institution issues business-owned devices to employees or if employees use personal devices for business, consider implementing mobile device management and encryption to safeguard all devices with access to your institution’s data. This technology will also allow your IT support staff to fix issues remotely or install updates. 4. Implement Web Content Filtering Web content filtering can extend beyond a VPN connection, offering additional layers of security. By providing web content filtering capabilities, your institution can protect off-network devices while preventing employees from accessing malicious or inappropriate sites and mitigating threats like malware. 5. Enable Multifactor Authentication (MFA) Multifactor authentication is one of the best ways to protect your workforce from the two largest threat vectors: social engineering and phishing. Through MFA, multiple credentials are required to verify a user’s identity. According to Microsoft, MFA can help prevent over 99% of account compromise attacks since a fraudster cannot gain account access solely by obtaining or cracking a password. 6. Strategically Invest in Technology The number of available technology solutions designed to support your institution can be overwhelming but remember that you should not invest in technology that does not align with a business objective or support revenue generation. As you consider technology options, think holistically about your institution’s IT strategy, goals and environment. Create and communicate a clear acceptable use policy and outline your specific policies for business devices. Your institution’s acceptable use policy should also explicitly address work-from-home environments to educate employees on expectations and risks of remote work. 7. Develop Well-Documented Processes Revisit key processes and determine how to integrate them in the new reality of remote work. Decide if current technology accommodates existing processes or requires updates to enhance security. Auditing processes for efficiency will also benefit your institution as you determine whether processes are scalable, have the appropriate number of steps and if they will meet your needs in the future. 8. Promote a Security-Minded Culture As employees work remotely, your institution should prioritize employee cybersecurity education to create and maintain a security-minded culture. By creating a culture focused on security, you can educate employees on proper online conduct and reinforce the importance of asking for assistance after engaging in potentially risky behavior. Future of Remote Workforces The way we work has been transformed as a result of COVID-19. As the financial services industry’s landscape continues adapting, your institution should prioritize security to serve your customers better. Check out our remote workforce security infographic to learn more about how CSI can help you manage your remote workforce.