Keeping data secure when your workforce is ‘out of office'
As businesses look at their contingency planning around COVID-19, we could see more employees than ever working from home for a sustained period. For many organisations, working from home is the norm and is often a selling point to attract the best talent. That said, with a disparate workforce comes the potential risk of a data incident – particularly if a higher number of employees than usual are working from home for longer than usual periods of time.
Current events should serve as a timely reminder to ensure your organisation has the relevant systems in place to ensure data is kept secure.
Here are our top 10 tips for protecting data in the age of remote working:
- Create a positive ‘data aware’ culture – those organisations that adopt and embed a positive culture around data privacy – including what is expected of their employees and how to manage data – will be the ones that have a successful approach to remote working.
- Don’t allow ‘access to everything’ – there is a temptation to let everyone have access to all things for simplicity and to minimise business disruption. Balance the requirement to work remotely with appropriate data access and security.
- Update and communicate your policies - have defined policies in place that are robust and communicated across the organisation. These could cover remote working, Bring Your Own Device (BYOD), acceptable usage, password policy etc.
- Review and communicate your security standards - have minimum security standards for remote devices, such as disk encryption, strong passwords, VPN for internet connections and privacy screens. This should also apply to BYOD.
- Secure your mobile phones - Mobile Device Management technologies will ensure minimum security, such as passwords, encryption and the ability to remotely wipe them if required.
- Educate employees on breaches - ensure all staff are aware of what a breach is and how to report them – even a small breach can have an impact.
- Discourage employees from storing data locally – use online systems and educate employees on the benefits of having central access.
- Adopt terminal-based services - services such as Citrix offer a centrally managed and secured remote access capability.
- Communicate regularly - implement regular communication to all employees to ensure they are aware of the appropriate use of data remotely and best practice data sharing mechanisms, such as using links rather than email attachments.
- Be ready for audit - adopt data loss prevention and detection technologies to prevent and log data leakage.
Remote working has a huge number of benefits – it promotes a culture of agile working that is needed in today’s workplace. However, ensuring data is properly protected should be high on the agenda – having a clear policy that is well-understood throughout the organisation will reduce your exposure to risk.
For more information on The Compliance Space, or to book a demo, contact us at https://www.thecompliancespace.com/book-a-demo