Discourage the sharing of COVID-19 information. Use official company channels only.
Keep your employees informed of coronavirus-related scams, frauds and compromised websites and phishing schemes. Knowledge is power.
Provide tips to secure consumer-grade internet devices like routers. Most routers are easily exploited as the admin account is still set to publicly known manufacturer’s defaults.
Use a VPN to encrypt remote connections.
Enforce multi-factor authentication for remote access to reduce the risk of compromised VPN credentials.
Disable administrative rights for remote workers to eliminate the risk of compromised VPN accounts used to create new users with admin privileges.
Revisit your Business Continuity Plans (BCP) to ensure they cover a pandemic-driven remote work policy.
Consider running a COVID-19-based incident response. Gather your executives and leaders to run a simulation in which a key employee tests positive for COVID-19, after accessing the office while symptom free.