Policies in the Hybrid Environment: Information Security

As individuals continue to work from home, is corporate information and technology secure? Previously we had discussed the policy management dimension surrounding physical security in a hybrid work environment, but significant attention also needs to be given to information security (cybersecurity).

The modern home environment is filled with the internet of things (IoT). Everything is connected - speakers, exercise equipment, wall outlets, televisions, appliances, and more. If any of these devices have a vulnerability or backdoor, then it can compromise corporate data and systems, and if the home network itself is insecure it can compromise corporate data and systems. To support a remote or hybrid work environment it is essential that information security be addressed in home office IT security policies.

Organizations need to:

• Review or write their home office IT security policies to support the remote/hybrid environment. These should address minimum security requirements for the home network and corporate systems and information used remotely.
• Communicate and educate employees on these policies.
• Monitor and enforce these policies to ensure proper IT security controls are in place.

Your organization needs to adjust to the changing business environment and develop a policy management framework that makes it easy for employees within your organization to access and understand corporate policies within a hybrid work environment.