Data security and the dangers of remote working

We are all staying safe by working from home. But what does that mean for data security?

The office work environment is reasonably secure: there are professionals in IT and building security keeping operations secure and data protected. But when we work remotely we no longer have that expertise at our shoulder.

Here are some issues that you need to bear in mind:

  • Store documents and data on company systems via the VPN, don’t save copies locally on devices.
  • Don’t send personal data to colleagues by email unless it is encrypted.  Upload it to a shared space via the VPN and invite colleagues to view and share.
  • Don't share device passwords with family.  Everyone needs their own log-in if devices are shared.
  • Log out of your desktop or laptop when you leave your workstation.
  • Minimise printing, work online whenever you can.  If you must print out documents, keep them in a locked drawer or cabinet until you can take them into work for secure destruction or filing.
  • Agree with your household a safe space for making and receiving confidential calls so you won't be overheard.
  • Don't store authentication details on any non-company device.

Finally, remember that all the usual data protection and cybersecurity considerations apply when working from home. Be alert to spam and phishing attacks and minimise access to personal data following the ‘need to know’ rule. And, importantly, you should still report data security breaches following your company’s reporting procedure.

Mandy Webster
Data Protection Consulting
www.dataprotection.me.uk
21 April 2020

Mandy Webster has produced a short video on the data security issues when working from home.

Employers need to set policies for employees otherwise they risk data protection fines for failing to secure personal data.  Staff training is critical in the defence against both data protection breaches and enforcement action.

Webinar on 25th May at 12:30pm, How big data and AI can support organisations within a governance framework

Search ICSA