In office environments, corporate security is highly regulated; but what about working in remote which is more and more common today?
In fact, when we look at work from home; we notice that security standards are more or less reduced depending on the case.
Especially when equipment of the company is replaces by employee’s personal equipment.
Without taking into account, the increase of cyberattacks linked to coronaviruses during the past 2 months …
Human error is the major problem when we talk about cyber-security.
Today there is a multitude of technical security systems designed and suitable for all kinds of companies.
Corporate data and IT security depends much more on the behavior of the staff than the behavior of the software.
Indeed, 75% of data loss is not caused by a poor machine performance but by the wrong use of it by individuals.
This figure would be reduced if prevention and information about IT security was systematically give to companies’ staff.
This would have the effect to improve everyone’s behavior on the topic and to limit the human error, impact.
Safety starts at home
Home is now an extension of the office environment so we can deduce that an equal level of security should be considered.
Indeed, security is going beyond the laptop; each home office could be assessed in terms of security (lockable cupboards, adequate wifi passwords, home security and, of course, sharing of devices, etc.)
It may also be a good idea to check whether the insurance used by the company covers the use of professional equipment (computer, telephone, etc.) outside the office.
General Data Protection Regulation
The GDPR (General Data Protection Regulation) is still active.
Any violation or data losses should always be reported and may lead to further investigation.
If a situation requiring recourse to the General Data Protection Regulation persists; the data protection officer must assess the security in place and change it if necessary.
If staff work from home, costs dedicated to the GDPR must be take into account by the company.
Impact on insurance
Less than 10% of companies purchase cyber security coverage.
Most of the providers of these services believe that there are no robust IT procedures in place in the majority of employees personal residences.
This represent a real problem in a homeworking situation …
So a better communication on the risks run by companies due to remote working and on the lack of protection of an IT systems would encourage more companies to subscribe to this type of insurance in order to make them able to better protect themselves.
Recommendations for a better protection
Despite the relaxation of the lockdown; remote working and cyberattacks are more and more common.
We recommend you to implement the following actions in order to give to your computer system, a better protection:
– Do not share passwords for e-mails and for Xero or Zoom.
– If possible, implement two-factor authentication for connections.
– Delete the content of your downloads folder every day.
– Ask employees in telework to change the wifi password for their home.