All banks are required to assess the risk of a pandemic to their business and have a plan to address providing continued service during such an event. Does your plan include a contingency to allow some employees to work from home? Remote working is becoming easier than ever and is a smart way to prevent the spread of illnesses.
But working from home can cause its own set of problems including security, connectivity and hardware/software issues. Creating a plan now, and testing that plan, is a good idea and will save you headaches in the future.
It is important to first identify those administrative functions not involving confidential information that could be done by remote workers. For those people, here’s what to keep in mind.
The Home Workstation
Probably the most important aspect of working from home is making sure that the home workstation is safe, secure and pre-configured to work in the event of an emergency. Ideally, bank-owned and configured devices should be used. If that’s not possible, have each employee identify in advance the workstation/laptop to be used and ensure that it:
- Has current antivirus or antimalware software
- Is fully patched with the latest security patches
- Is running a current, supported operating system
- Has all of the necessary applications and tools required for the individual’s job, or is configured for remote access to those tools
- Be pre-configured with secure VPN (Virtual Private Networking) agents.
It’s also a good idea to use Multi-factor Authentication (MFA) when connecting to company or cloud-based applications. Once you permit access remotely, use all precautions to make sure you know who is connecting, and where they are connecting from.
Strict controls should be put in place to ensure there is no access by a remote user to any systems or resources other than those necessary to perform their job.
A great way to keep a team functioning together when separated physically, is to use collaboration software. Microsoft Teams is a great example. It permits sharing of information, instant messaging, audio and video conferencing for everyone in your organization. Similarly, conferencing software like Zoom or GoToMeeting permit you to bring clients and outside colleagues together as well.
Have a look at your phone system capabilities. Most modern Voice over IP (VoIP) phone systems can be configured to forward directly to a home or mobile phone. Soft Phones can allow your home workers to appear as if they’re in the office no matter where they’re sitting.
Be proactive instead of reactive. Creating a plan, making sure you’ve got the tools you need to stay safe and running a test will put your business in a proactive stance so you’re ready for whatever happens. If you need help, please contact us.
About the Author:
Mike Gilmore is the CTO of RESULTS Technology and a Certified Information Systems Auditor (CISA) with more than 30 years’ experience in the banking industry. RESULTS Technology provides IT services to community banks across the Midwest. In his role as CTO, Mike provides compliance and risk assessments, audit and exam support and policy documentation. He can be reached at email@example.com.