Computer environments are made up of hardware, software, and the people who use and support them. When discussing cybersecurity risks associated with these systems, people tend to be the biggest challenge and risk, especially those who work outside of our offices. Here’s a high-level review of what we do to support them and navigate cybersecurity.
Our employees are divided into two distinct groups: office and field. Though they have many similarities, they each bring unique needs and challenges in order to support and protect. Field employees can further be divided into two sub-groups: unconnected and connected. The unconnected field employees don’t access our systems. The connected field employees do, and their system needs can be as basic as an email account to requiring 24/7 access to multiple systems. These needs can change from job to job or even within the same job. Additional challenges include: mobility requirements, open/unsecure and potentially hazardous work environments, as well as limited connectivity at remote job sites.
Connected field employees are provided with a range of devices, from smart phones and tablets to laptops and in some limited cases, desktops. All these devices need to be set to automatically patch to ensure vulnerabilities are mitigated as quickly as possible. A known vulnerability can be targeted by hackers within minutes of discovery. We’ve also deployed several field workstations to provide a secure portable mini-office, such as the Knaack’s DataVaults (both the 118-01 and 118-M). These support multiple connections for the varying computer systems, a cellular wireless router, printer and display. When an office trailer is available, we have deployed a small network which typically includes wireless access and a network copier. In several cases, we have also deployed cellular boosters to help address limited coverage. In especially remote areas, satellite internet and phones can also be used.
Beyond the applications and cloud solutions needed to do their jobs, there are several solutions in place to ensure these systems and their data are protected. First, we start with unique passwords that meet complexity and length best practices. Due to the critical nature of passwords, we recommend that our users leverage a password manager.