As more businesses are having to adapt to more flexible work arrangements, employees may have to increasingly work from home or a remote location. However, working remotely can pose unique challenges to a secure and resilient work environment. When businesses are establishing processes and policies for remote work, preparation is critical. Consider the following tips to help steer your organization safely through times of change and ambiguity.

Employee connectivity is a crucial tenet of any business resiliency plan. If remote work is recommended, it’s important that all employees have access to necessary technological equipment to do their jobs properly. Make sure network connectivity is available to essential employees, and work with internal personnel to ensure that data protection practices are replicable away from central office hubs. Ensure that all video conferencing and telephone systems are functioning properly. Employee absences can also increase during uncertainty, as they manage adjustments to daily life, so make sure employees in essential functions have trained backups who can cover their workloads.

Cybercriminals and fraudsters often take advantage of business disruptions and recent news headlines to launch highly targeted attacks. Employees are always your first line of defense against cyberattacks, but take steps to re-educate them on strategies to protect your business. Often, these events can be a distraction and lead to increased risk. To combat this, reinforce and provide employees with tools and resources on ways to spot different cybersecurity threats, including business email compromise (BEC), phishing, ransomware, social engineering and more. It can also be helpful to outline procedures for reporting threats, and reiterate company policies around password security. Stay mindful that cybercriminals and fraudsters are keen to capitalize on the chaos caused by unanticipated global events. You and your employees are your best defense!

Your business resiliency plan is not a final document that represents your total response. Conditions can change quickly, so be prepared to make adjustments to your resiliency plan based on new information. You can seek the help of trusted experts in public health, emergency preparedness, treasury, payments, communications, legal, operations and others to help you monitor and react to sudden changes. Because information moves fast and professional opinions can differ, be sure to consult multiple expert and reliable sources to get a well-rounded perspective on how to act.

If a serious business disruption occurs, your clients, partners, vendors and employees need clear and concise messages about the scope of impact. Delivering the right message at the right time starts with designing a robust communications strategy for both internal and external audiences. You may consider creating a small task force or communications team to lead the charge of drafting and vetting all information sent from your organization.

Additionally, it’s important to work with internal partners to identify secure communications channels that are accessible even during prolonged or increased disruption. Ensure you can communicate to employees through multiple channels in the event some company resources are not available. 

Remember that even with a plan, unanticipated issues can arise. It’s important to document all developments, impacts and responses for the sake of learning. Even if your business successfully weathers a storm or crisis, a future event could result in further interruptions. That’s why collecting data and insights in real time is beneficial. Look for areas where communications failed, bureaucratic inefficiencies were exposed or a lack of response resulted in negative impacts. These can become learning experiences to prevent losses during future business disruptions.


Remember, J.P. Morgan will never:

  • Ask you to log in to the same computer with more than one user’s credentials
  • Ask you to repeatedly submit login credentials
  • Contact you about online problems, such as logging in, if you haven’t contacted us first

For more of our insights, please visit our Cybersecurity site by clicking here.

If you believe you have been targeted by a fraud scheme or your login credentials have been compromised, contact J.P. Morgan immediately. For more information on how to protect you, your family or business, please contact your J.P Morgan representative.

This article is provided for educational and informational purposes only and is not intended, nor should it be relied upon, to address every aspect of the subject discussed herein. The information provided in this article is intended to help clients protect themselves from cyber fraud. It does not provide a comprehensive listing of all types of cyber fraud activities and it does not identify all types of cybersecurity best practices. You, your company or organization is responsible for determining how to best protect itself against cyber fraud activities and for selecting the cybersecurity best practices that are most appropriate to your needs. Any reproduction, retransmission, dissemination or other unauthorized use of this article or the information contained herein by any person or entity is strictly prohibited.