The Big Back to Work Cyber Clean Up


In the coming weeks millions of workers will be migrating back to their office environments after months of working from home. This period of quarantine has been one of the most extraordinary challenges for employers and employees, requiring herculean amounts of adaptability and resilience.

It does seem strangely cruel that just as most of us have become settled in our home offices/laptops in the lounge, we’ll be preparing to change things once again. There’s no doubt it will feel strange to go back to a daily commute and sitting back at our old workstations (possibly still staying 2 metres apart if you believe some of the predictions).

Naturally, businesses will want to get back to ‘normal’ as soon as lockdown is lifted, but that would be a mistake. Because, as we discussed in our last article, there are many things to be considered from a cyber hygiene perspective when it comes to welcoming workers back to the office. Savvy organisations will use this opportunity to conduct a thorough Back to Work Cyber Clean Up. We suggest you carry out the following procedures to ensure your business is in the best possible position to make a fresh start:

Audit and re-assess infrastructure

First order of business will be to carry out a comprehensive audit of your organisation’s IT infrastructure. What changed while people were working from home? Are you expecting a complete return to pre-lockdown working or will adjustments have to be made? This is the time to reassess what works and what doesn’t. Businesses that were reluctant to embrace things like cloud storage before the lockdown have surely come to realise the importance of reliable, secure data sharing during this time.

Document location audit

Do you have an accurate sense of where documents have been stored while your employees were working from home? Was there a company-wide policy to only save to a cloud location, for example? Or is it possible that people reverted to storing things locally on laptops for convenience? This can be a nightmare for version control and document visibility so it’s vital to get a handle on this as soon as people are back in the office. It’s worth remembering that a large part of data hygiene practice is centered around visibility and reducing duplication.

Refresh and reiterate cyber hygiene policies

A fresh start after a period of uncertainty is the perfect time to refresh and reiterate your office policies, particularly when it comes to cyber hygiene. It would be reasonable to expect a certain amount of complacency in this area from workers outside of an office environment, especially if people were in ‘fire fighting mode’ for the last few weeks. Take this opportunity to gather the team together and make sure that everyone is aware of company policies, best practice and protocols.

Future requirements for end user education

As with the above, it’s also a good time to look ahead and plan your requirements for end user education for the coming months and years. Has this experience of working from home revealed a gap in training, for example? There will be situations that need your immediate attention but don’t take your eye off long-term goals either.

Revisit policies for continued working from home

There’s been much speculation that this world-wide experiment in working from home will result in a complete change of working environments, with companies giving up costly office rentals and becoming completely staffed by remote workers. Whether this is sustainable long-term is anyone’s guess, but if your business does decide to allow all/some of your employees to continue working from home, you will need to revisit your policies to ensure continuity without compromising on cyber hygiene. Cyber security policies for a remote workforce will need to include considerations for data storage and sharing, software licensing and updates, and how to maintain anti-virus and anti-malware protection on remote machines.

In the rush to get back to normal after this truly strange and testing period, businesses must take the time to ensure their data and operations are as secure as possible. The last thing any of us needs after a real-life virus threatening our health is a virtual one destroying our livelihoods.