Over the years working in cybersecurity and auditing, I have worked closely with HR managers on investigation and IT security policy enforcement. Recently, there has been an incident reflecting the current state of security during COVID-19.
A staff reported that an employee has been using someone else computer without authorization and he believed that the alleged unauthorized person was using via remote desktop session. Recently, the company has enabled remote desktop on office computers and allowed WFH staff to login and work remotely.
My friend who is responsible for HR asked me if it is possible, if yes how she can gather facts to verify the reported case. I felt sorry for her as she has to digest so many technical terms in such a tense and unorganized way. I asked her that the company should enable detailed logs and keep the logs centrally. The logs can tell a more complete story and she will not be making all the wild guesses. If her concerns are insider threats, she should announce the logging policy to the staff, reminding all employees their remote desktop sessions are monitored.
The new work from home arrangements are creating new operating procedures, adding new network and firewall rules and providing a more flexible computer remote access. All these changes may fortify trust or impede trust, all depends on how HR and management striking the balance between corporate culture and security governance.
We are adopting to the new norm.