With the COVID-19 pandemic forcing both Federal agencies and the private sector to make a rapid shift to telework, the Cybersecurity and Infrastructure Security Agency (CISA) launched a dedicated telework product line.
In a statement, CISA said the product line is “intended to advise and support the incorporation of cybersecurity considerations when adopting or expanding telework policies, such as the use of video conferencing software and related collaboration tools.” The agency also noted that the guidance was developed in collaboration with Federal and private sector partners.
“As many businesses and organizations have rapidly shifted to a maximum telework environment, CISA is providing a one-stop shop of cybersecurity and resources to protect networks in this new landscape,” said CISA Director Chris Krebs. “We are working with our Federal and private sector partners to understand the threat landscape and provide a central point of the latest and most up-to-date information for organizations to keep their networks and employees safe. As the threat continues to evolve, so will the guidance, and we will continue to add more products as needed.”
The initial products on the new site are:
- Cybersecurity Recommendations for Critical Infrastructure Using Video Conferencing – “Includes information about some of the tactics cyber actors might use to disrupt business or steal sensitive information and recommended security practices for both organizational enterprise networks and end-users.”
- Cybersecurity Recommendations for Federal Agencies Using Video Conferencing – “Addresses enterprise security practices that includes the use of FedRAMP-authorized products for agencies with cloud services. It also contains best practices for end-users like only using agency-approved software and tools for business, as well adversarial tactics that seek to acquire Federal government information.”
- Guidance for Securing Video Conferencing – “For individuals and organizations and provides four principles and tips on how to connect securely, control access, manage file and screen sharing and recordings, and how to keep applications updated and secure. Also, it provides information on how to implement security settings for common video conferencing tools.”
- National Security Agency and CISA Telework Best Practices – “A collaborative one-page product for providing basic advice for safe and secure teleworking, primarily for government employees.”
- Video Conferencing – “A two-page information source with tips on conducting safe and security video conferencing. It is designed for the general public as well as organizations to use as a guide for educating their workforce.”