March 16, 2020
Your company is now (or likely soon will be) moving to a remote work model. The last few days have been filled with lots of moving parts—establishing communication, making sure everyone has equipment, and revamping processes for remote work.
With every new process or changed process, your company must make data privacy a top priority. By not protecting data privacy, your company puts the privacy of its customers, employees, and itself, at risk. Not to mention the higher risk of non-compliance with any number of data privacy regulations.
Many employees who may have not previously worked remotely are now using technology for transmitting data and communicating. Leaders must quickly educate and communicate data privacy regulations and best practices to all employees working from home. Consider creating a short guide or an email to send to all employees. To make sure your employees have seen and read the privacy guidelines, require some type of acknowledgement, such as a signature or email reply.
Protect your employees’ and customers’ privacy by taking the following steps:
- Use a VPN for all work related tasks. As a company, you should provide a VPN for all employees to use for all business tasks, including using cloud-based programs, working on cloud-based documents, and sending emails. Create an short tutorial on using the VPN and write up an FAQ to help employees self-troubleshoot.
- Do not log onto unsecure networks, such as coffee shops or public wireless networks While most people should be staying home, it’s possible that employees may not follow the advice and head to a coffee shop to work. Educate employees that if they choose to go out or to someone else’s home that they should not use public wireless networks for any work related activities.
- Limit opportunities for eavesdropping—both virtual and voice. Make sure that employees know not to leave their computer monitors (either desktop or laptop) unattended in public places or even in their own homes. While you trust the people in your house, visitors or workers (in a public place) could view unattended screens. Because many conversations that previously took place in person will now be phone conversations or conference calls, remind employees to make sure all sensitive conversations take place behind closed doors.
- Be aware of scams. Unfortunately, scams tend to increase during times of crisis. Criminals want to take advantage of companies and employees who want information. Everyone, including your employees, is more likely to fall victim during this time. Remind employees of standard best security practices, such as not clicking on unknown links, not downloading questionable files, and using secure passwords.
- Limit backups of devices. While at first this may seem counterintuitive, employees should be mindful of how often they backup data, such as downloading a email onto a personal computer or backing up files to a company data workspace on a personal device. While backups are necessary for data recovery, each backup results in additional data proliferation. Ensure that employees are instructed on data privacy and security best-practices through virtual training and by instituting software that can discover and classify sensitive and personal data.
With many changes and new processes being developed in the weeks ahead, your employees are likely going to be overloaded with information. Be sure to regularly remind employees of privacy processes. As processes and needs change, be sure to consider privacy at every decision point along the way. By keeping your employees’ and customers’ data private with increased remote workers, your company can avoid unnecessary issues during this period of change.
Spirion’s software can discover and classify data in the entire estate, including every endpoint from laptops to structured and unstructured data to the cloud–even when your employees are working remotely or traveling. Click here to learn more.