fbpx
BLOG POST – Business Continuity

We know that coping with a pandemic is challenging, and we want you to rest easy in the knowledge that your data remains safe and well protected. Fortress, like many other companies, has shifted to a 100% remote and work from home scenario.  Here are some of the things we are doing to keep you safe.

4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 1
  • Fortress has always been supportive of remote work. What this means is that many of the systems necessary to support remote work such as VPN or secure cloud services are really business as usual for Fortress and our employees are well-trained in their usage.
  • Fortress has issued laptops to all employees complete with managed endpoint protection, security monitoring and full disk encryption. Upon connecting to the internet, VPN must be initiated through secure Fortress servers. All access to customer information is performed only from managed Fortress computers. All employees know to report any suspicious activity through the Fortress incident handling process.
  • Fortress security operations teams have full access to monitoring resources and ability to respond to any cybersecurity event whether working in the office or remotely. Our business continuity plan is in effect and our executive team are closely monitoring the situation.
  • Customer data stored in AWS enjoys the same protections it always has, and there is no need to export any data from AWS in a work from home environment. In fact, many of our customers with on-premise installations provision their own access for Fortress use, and for those environments such as Citrix VDI, absolutely nothing has changed from a remote workforce standpoint.

Fortress recommends you check with your critical vendors and suppliers, and discover what they are doing to protect your information, especially key areas such as:

1) Remote Access

    • Do their VPN services have capacity to support their entire workforce?
    • Is Multi-factor authentication enabled?
    • Are computers assessed with compliance for antivirus and security updates before connecting?
    • Are non-corporate managed computer assets permitted for use?
    • How are their corporate computing assets protected?
    • If they need remote access into your environment, have any IP address controls been re-evaluated due to office location changes?

2) Data Access

    • What classification of data will your vendor have access to?
    • In a move to remote work, will the storage of this data change?
    • Will it need to be downloaded to vendor computers?

3) Business Continuity

    • Is your vendor considering the life safety impacts for this pandemic event? How are they protecting their valuable human assets?
    • What impacts on service levels will a move to remote work create?
    • Can your provider continue to service you?
    • Are there any critical services such as onsite servicing of equipment that cannot be performed remotely? What is the contingency plan?
    • Do they have a business continuity plan (BCP), and has it been tested?
    • Does their BCP include pandemic scenarios?
    • Does their BCP include cybersecurity resiliency during a contingency such as remote workforce?

4) Incident Response

    • Do you know what IP addresses your vendors are now connecting from and have you updated your baselines for what normal network traffic looks like?
    • Do you know how to get in contact with your vendor if there is an issue?
    • Do they have a documented incident response plan that includes remote work scenarios?
    • Are incident response teams and security operations at full operational readiness or at reduced levels?
    • How is active monitoring and response impacted?

 As always, please get in touch if you have any questions or concerns. We can work together to keep both you, and your information, secure and safe.

View More Resources Here

4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 2
Utilities
4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 3
Transportation
4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 4
Healthcare
4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 5
Finance
4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 6
Energy
4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 7
Additional Industries
4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 8

4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 9 4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 10 4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN 11

189 S Orange Ave #1950, Orlando, FL 32801
(407) 573.6800
sales@fortressinfosec.com

COPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY

THREAT INTELLIGENCE REPORT

Windows CryptoAPI Vulnerability

White Paper

Asset to Vendor Network for Power Utilities

PRESS RELEASE

FORTRESS LAUNCHES INNOVATIVE COLLABORATION TO HELP PROTECT THE POWER GRID FROM CYBER THREATS

Emerging Risk Brief

ASSET RISK MANAGEMENT - FOR PORT AUTHORITIES

Advisory

5 STEPS FOR AN EFFECTIVE THIRD PARTY VENDOR RISK PROGRAM

White Paper

CIP COMPLIANCE – UPDATES, ENFORCEMENT AND PRACTICAL IMPLEMENTATION

Advisory

5 STEPS TO A STRONG VULNERABILITY MANAGEMENT PROGRAM

WHITE PAPER

NERC CIP COMPLIANCE

Subscribe to Fortress Newsletter

For breach reports, threat intelligence, regulatory updates, cyber security news alerts and more, sign up to receive the Fortress Newsletter.

No, thanks!

Threat Advisory

Outdated Security Appliance Facilitates Denial-of-Service Attack on U.S. Grid

WEBINAR DOCUMENT

NERC CIP SUPPLY CHAIN SECURITY STANDARDS