Episode 46 — A.6.7–6.8 — Remote working; Event reporting

A.6.7 establishes requirements for managing security in remote working arrangements, recognizing that homes, hotels, and public locations introduce different risks than controlled offices. For the exam, emphasize policy-led boundaries: approved devices, mandatory encryption, strong authentication, secure connectivity, and restrictions on local storage or printing. Controls must address physical considerations like shoulder surfing and family access, as well as technical items such as endpoint hardening, patching cadence, and secure DNS. Configuration baselines should define minimum standards for operating systems, EDR, host firewalls, and disk protection, with monitoring that preserves privacy while ensuring compliance. Candidates should also understand data handling expectations for collaboration tools and the need to align remote setups with classification and retention rules so that sensitive information remains protected across locations and networks.

A.6.8 complements this by requiring timely reporting of information security events so they can be assessed and, where appropriate, escalated to incidents. Effective programs publish simple, accessible channels to report suspicious emails, device loss, misdirected messages, or unusual prompts—especially relevant for remote staff who may hesitate without in-person support. Best practice includes in-tool “Report Phish” buttons, mobile hotlines, and chat workflows that capture context automatically and route tickets to triage queues. Pitfalls include complex forms, fear of blame, or response teams that fail to acknowledge submissions quickly, which suppresses reporting behavior. Strong implementations track time-to-triage, duplicate event rates, and conversion from event to incident, and they feed patterns back into awareness content and control tuning. Candidates should articulate how remote-working controls reduce the likelihood and impact of events and how clear reporting pathways ensure weak signals are not missed in distributed environments. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path. Also, if you want to stay up to date with the latest news, visit DailyCyber.News for a newsletter you can use, and a daily podcast you can commute with.