As described in the quote, the transfer from the office to the home office may not have gone entirely smoothly and both procedural and personnel errors may have crept in at one point or another. As a result of the relaxation, the second transfer back to the office starts and you shouldn’t repeat these mistakes.
There is one essential point, which must be taken into account during the transfer:
Reintegration of the hardware into the IT infrastructure
Since there were a wide variety of scenarios in the home office, for example with company hardware such as a notebook, or private hardware as well as the transfer of the entire workplace from the office to the home office, each individual transfer has to be considered individually.
Nonetheless , there are a few points that apply to everyone in general:
1. Design a questionnaire to ask employees about the tools and resources they use. These are then subjected to a security check based on the needs of the company. Help for this can be found on the website of the Federal Office for Security and Information Technology.
We would be happy to advise you on this free of charge.
2. Design your network areas in such a way that there is a kind of “quarantine” area to check the hardware thoroughly before it is allowed into the regular company network.
3. Creates a disaster recovery plan in order to be able to react at an early stage in the event of failure of a terminal device and any resulting compromise and in order not to endanger the day-to-day business.
4. The return of home office IT now offers the opportunity to say goodbye to the classic perimeter-based security approach, which classifies internal networks and their actors as trustworthy (Trusted Network) and focuses mainly on border crossings for protective measures.
A “zero trust” model should serve as a new security approach: trust no one and verify everyone. Every device, every service, and the user should first be mistrusted and only the lowest possible permissions should be given. There is only access where it is essential. The aim is to record all services, users, and devices to provide systems for authentication in order to get the most granular possible picture of the interactions in one’s own network.