The unprecedented, unique circumstances presented by the COVID-19 pandemic are forcing thousands of organizations to send their employees home. Luckily, technology allows us to work from anywhere and maintain a relatively normal level of productivity. Still, this new, large-scale work-from-home migration creates several security challenges for individuals and businesses.
Many of us are already making concessions and compromises to our daily routines in order to keep others safe from coronavirus. One thing we should not compromise, however, is data security. In this blog, we will discuss some issues to consider when setting up a home office, information security threats to consider when working remotely and how to combat them to keep you and your organization safe.
Confidential documents
Work-at-home employees are more likely to leave confidential material out in the open because they feel secure in their homes. If your remote employees have materials that need to be shredded, businesses need to have a plan for their collection and destruction otherwise these documents could be bound for the recycling bin or a home office shredder. It is important to note that recycling offers no protection of your confidential material and home office shredders can be expensive, unreliable, and inconvenient.
One way to combat this is to provide employees with a secure container to store their confidential documents ready for disposal. They can then transport the container back to work and all the materials can be destroyed with the organization’s routine shredding service.
Businesses that do not have formal procedures for work-at-home employees handling confidential materials will end up with inconsistent processes and a greater chance of a data breach. To demonstrate and ensure compliance, companies should create written guidelines for employees working from home that are consistent with expectations for in-office employees. It is important to have a plan in place to maintain the chain of custody and security of confidential documents that end up in the home offices of remote employees. Those organizations that develop strong policies governing how remote employees handle and dispose of sensitive and confidential information are less likely to have issues and more likely to be protected in the event of a lawsuit or dispute arising from claims of negligence.
Virus-related scams and malware
When your employees are not under the direct supervision of your IT or security team, they may not be as aware of the dangerous scams vying for their attention. Scammers have plenty of free time on their hands, and coronavirus-related scam websites and emails are growing by the thousands. In the third week of March alone, 3,600 domains were registered with “coronavirus” in their name. Some are legitimate sources, but many are fraudulent and may contain malware.
If an email about coronavirus shows up in a team member’s inbox, he or she may be likely to engage with it out of a desire to be informed. Scammers are using everyone’s desire to stay updated about the virus to phish unwitting people. Keep your team informed about potential cyber-attacks and keep tabs on them as if they were in your building.
Authentication processes
Your organization is likely leaning heavily on collaboration tools such as chatrooms and video-conferencing services to maintain communication between your teams. These tools are essential to productivity and can be an excellent defense against attempted phishing and other cyber attacks.
Consider implementing a remote work security protocol that uses chatrooms or video conferencing as an authentication measure. Let your employees know that if they come across a message they deem unusual, then they should reach out to the person who “sent” it directly through your collaboration tool—not email. They can have a quick face-to-face conversation to verify whether or not the suspicious email is authentic. You should also ensure that all remote employees have the latest version of their operating software, security software and applications on the devices they will be using. Additionally, ensure that your work from home employees have access to and can use a business-grade VPN. Even when IT isn’t there in person, your staff can still protect themselves from attacks.
To learn more about how DataShield can help protect you or your organization during this unique time or to learn more about DataShield’s Home Office Destruction Kits, please call us today at 402.898.5000 or visit us at www.DataShieldCorp.com.
