In a heroic feat to maintain operations at a record-setting pace, countless IT and security teams rushed to provide accommodations for a new remote workforce leaving the office behind over one year ago. As we begin inhabiting those abandoned buildings there are bound to be some ghosts lurking around the office due to unintentional oversights when we left. If IT and security staff haven’t been on the premises during the past year, now is a good time to exorcise those ghosts before the masses return.
One of the most straightforward ghostly considerations would be computer patches and upgrades. Depending on your utility’s remote architecture and auto update status, unless users are connecting to their desktops remotely, there may be a lot of gremlins waiting to be patched/updated. Likewise, many organizations may find themselves in a “Catch-22” with a potential flood of those remote devices returning to the office. Hopefully those devices were managed remotely, but if not, there may be an expectation that people will use them in the office until their desktops are “updated.”
Another consideration for returning to work, particularly offices returning in waves, would be social engineering tactics that take advantage of the reduced occupancy. With reduced staff, there are fewer eyes noticing unauthorized persons. Fewer inhabitants makes it easier for miscreants to gain access to sensitive systems and information without people noticing. For example, gathering all the sticky note passwords (which we don't recommend!) or other sensitive information left behind in the wake of the mass exodus without people asking questions. For additional considerations on the ghosts of cyber past haunting the office, visit DarkReading.