The ongoing coronavirus pandemic has forced companies of all sizes and in all industries to pivot to a telework environment to remain operational while keeping employees healthy and safe. CPA firms large and small have had to enhance their existing remote work setups while firms behind the tech curve have had to make even more drastic changes to how their teams can collaborate, share information and remain productive during COVID-19.
More staff working from home means that more personal devices will be used on home networks for CPA firm business, which increases the risk for security issues, cyberattacks and data breaches. Providing your team the right tools to work remotely is very important during this COVID-19 “New Normal” — it is equally important, however, that CPA firms also develop and communicate a clear, executable policy for Bring Your Own Device (BYOD) security to its remote employees.
As we’ve noted before, cybersecurity is not just about tech; your people must play a proactive role in keeping your CPA firm’s data and IT infrastructure secure. The human influence on cybersecurity is more important than ever before because so many staff are operating on their own devices and networks due to COVID-19.
Cetrom can help you transition to a strong remote work environment while also providing guidance around creating a sound and practical BYOD policy. Here are some tips for keeping your data safe in the age of increased BYOD work activity during the coronavirus pandemic.
Educate Your Staff on the Why Behind the BYOD Policy
To avoid a negative reaction from staff, take time to explain why it is necessary to create a personal device policy during this work from the home period. You can build out the best BYOD policy in the world, but if your staff, which is likely already stressed, feels put-upon by this policy, they will be less likely to follow the rules.
Under normal circumstances, it would be advisable to recruit department leads and other staff to help build your BYOD policy. This would help create a sense of collective ownership of the BYOD program and prevent any animosity or negative backlash. However, if your CPA firm doesn’t have a BYOD already in place, this is not feasible since you have to act now to mitigate risks as soon as possible.
What Should Go Into Your BYOD Policy
If your CPA firm doesn’t have a current BYOD policy or an IT emergency response protocol in place already, your BYOD program needs to focus on the basics and low-hanging fruit. However, it’s important to think of the future as you build this BYOD set of rules and employee requirements — whatever policies you build out now in response to COVID-19 should serve as the foundation for a more comprehensive IT security and emergency preparedness model to be built out in the near future.
Here are some BYOD policy actions you can take relatively quickly to better protect your network and data:
It’s important to note that every CPA firm’s BYOD policy will have its own nuances; there is no one-size-fits-all approach that will work. The aforementioned recommendations are intended to provide guidance around what CPA firms can more rapidly deploy to plug any security gaps created by the crisis-driven transition to near 100% work-from-home work ecosystems.
The key takeaway is that every CPA firm, regardless of size, location or industry focus, has to do one of two things immediately: (1) Reassess and augment its existing IT emergency and BYOD protocols; or (2) Create a BYOD policy that can be implemented quickly and effectively and with the build-out of a future, comprehensive security plan in mind.
Cetrom is here to help CPA firms navigate COVID-19 and better position their IT networks for the future by enhancing existing security policies and IT infrastructure or via the build-out of an effective, efficient and secure IT environment from the ground up.