5 Tips for maintaining IT security while employees are on holidays

Security breaches can happen to any company at any time. However, the holiday period has proven to be a time when successful attacks can the peak for several reasons, mostly because companies relax their guard during the period and key resources may not be around. Hence, companies need to understand the risks and issues that can occur whilst staff are off and to plan and prepare for this.

Take advantage of the holiday season

The holiday season can be a great opportunity for a business to test its security incident response plans and implement IT solutions like Salesforce integration services. Given that, during this period many of your customers and clients will also have ramped down their activity. this could be a low-risk opportunity to test plans for real. A plan is just pages of paper in a file or a folder until it is tested and proven. Only by testing will you understand the gaps and weaknesses in your plans. especially if key resources are away, can others pick up the pieces in their absence and will your escalation lists work in reality?

Leave your company equipment in the office.

Employers have a duty of care to employees and getting staff out of the office and on leave and switched off from work to recharge their batteries is key to long term health and well-being of staff. For those reasons alone, staff should be encouraged to leave their laptops at home. However, there is another reason for doing this, it prevents staff and their families "borrowing" the work laptop to do the non-work-related online activity and potentially get infected with malware or a virus

SPAM mail compromise and spoofing

Fraudsters are clever. they know that over the summer period for example. people who normally process and pay invoices on behalf of a firm may well be on leave. However, invoices still need to be processed and authority to do so may have been delegated during a leave period. Hence those covering for the person on leave could be conned more easily into responding to "change of bank account details" mail requests and phishing requests. It is key therefore for a company to understand that this type of fraud can occur. have clear and well-documented processes for dealing with such requests and that all staff in these roles have received specific and focused training in this area.

Backups and procedures

Fraudsters and hackers know that at certain periods such as Thanksgiving and Christmas that key staff are likely to be on leave. It is no coincidence that this is a time when attacks can peak as key experienced staff may riot be around to identify early on that an attack is underway. It’s vital therefore that companies ensure that all their core data is backed up. that appropriate. tested and proven recovery plans are in place and appropriate escalation procedures are also in place.

Sweep for surveillance

The holiday season can be the perfect period to do a sweep of your sites and systems for any surveillance devices or connections that have been installed. Sometimes these may have been installed by your staff. With a lower load on systems and staff not being around to know what is going on. this is the ideal time to do a full property and system review.

At getNext we are committed to helping our customers safeguard their IT integrity and ensure their business continuity, focusing on business outcomes, not technology solutions alone.