As the country starts to re-open, lots of businesses are still carrying on with remote practices, and many more wish to adopt them. Many businesses are adopting a hybrid approach to staff working remotely and in the office. Whilst many are having to weigh up the pros and cons of the new styles of working and make decisions in respect of what they want we have considered some of the key considerations for employees in respect of protecting company data.
- Check Staff Policies
Staff policies should have been updated to reflect more widespread remote working. Staff policies should suitably cover how and where personal data should be stored and sent. If your own devices are being used then there should be policies in place that cover the costs of repair, usage etc as well as internal policies and plans for security/data compromise.
If this has not happened you should clearly document with your employer what devices you will be using, who is responsible for the upkeep and maintenance of the same and how data is being transferred and stored.
- Device Security
It is important that you practice a reasonable level of security of any device you use during the course of your employment, especially when working remotely.
You should ensure your device has a suitable level of password protection, in line with any staff policies or if there are no polices this should be a reasonable level of security relevant to the data being transferred. Devices should be locked when not in use.
You should not ignore prompts on your device to update software. Out of date software can give rise to security breaches and it is therefore fundamental that devices are constantly updated. If you are unsure you should speak to your IT department.
You should restrict who is able to access your device as family members may inadvertently have access to the sensitive data of the company. Others with access to your devices should be made aware of the potential impact their actions may have on your and your employment if they cause or commit a security breach whilst using your device.
There should be updated and clear policies on how and where you should be storing data, especially personal data, within the organisation. It is important that you comply with any storage policies or requests from your employer. If you fail to do so then infringement may result in sanctions and ultimately termination.
Whilst working from home there may be increased temptation to use alternative methods of online communication such as unapproved instant messaging services. You should check any staff handbook and policies as there is likely to be restrictions on how you can communicate company data. You should really only use corporate email solutions i.e., ones that the employer implements and provides and should stay away from other means of communication, including personal email accounts, when distributing information to reduce the risk of a data breach.