With the coronavirus forcing us to take on new ways of living including social distancing, queueing outside for the weekly grocery shop and having to transform our dining room tables into a home office, we are finding more and more challenges arising in everyday life.
Our reliance on technology has increased astronomically; the vast majority of the UK workforce is now working from home, and we are using video conference apps most days to stay in touch with friends, family and colleagues. With the increase in the usage of technology on the rise, it’s more important than ever to ensure that not only our personal data is handled and kept securely, but that of our businesses too. The risk of confidential information and trade secrets leaking is now higher than ever, and with that, the risk of intellectual property being stolen is possibly at its highest risk in living memory.
Advice on data security for employers
As an employer, you are under more pressure than ever to ensure that your staff are kept safe whilst working online. This works both ways though, as your employees should also be doing their utmost to protect the confidentiality and security of the company.
If you allow staff to work via a ‘bring your own device’ or BYOD program, i.e. your employees are permitted to use their personal laptops, smartphones and/or tablets for work, you should review the policy to check that it is still fit for purpose during the coronavirus pandemic. Some companies, particularly those which handle highly confidential information and data, do not permit employees to use their personal devices to work, which may be the safest course of action not only in the current climate, but in general. Of course that does mean a higher cost for companies to supply devices from which their employees can work, so a risk assessment would be useful.
If you choose to continue allowing staff to work using their own personal devices, it could be an idea to perform an audit. This will help give you a better idea of whether you need to invest in further devices and security features.
You should also ensure that you have a strong (but remote!) IT helpdesk or troubleshooting system in place so that employees do not try to perform their own workarounds when it comes to computer issues, as this could potentially lead to information and systems being put at risk of hacking.
Hacking is a very real risk in the current climate
Anyone using the internet – so essentially the entire UK adult population – is at higher risk of being hacked at the moment. Unfortunately, cyber criminals are known for using unusual and challenging circumstances (such as a global pandemic) to take advantage of both individuals and businesses at their most vulnerable.
Extremely capable hackers can dupe even the savviest computer users into changing passwords or to download software that contains malware. Coupled with the fact that IT support staff are likely to be busy creating and maintaining the foundation through which remote working is possible and so potentially missing suspicious activity, this is an incredibly risky time.
Video conferencing software Zoom has recently come under fire after it was revealed that hackers had been compromising the security of the application. ‘Zoombombing’ was occurring in virtual meetings across the globe, from Alcoholics Anonymous support groups to board meetings at large corporations. Zoom CEO Eric S. Yuan revealed that the video conferencing software saw 200 million daily meeting participants in March 2020, a huge rise from the 10 million daily users just a few months ago, which is worrying given the hacking scandal. With that said, it may be an idea to leave highly confidential meetings and discussions to when we are permitted to go back to the office and hold them physically!
It’s not just electronic information at risk
With so many of us now working from home, it’s likely that many of us are referring to physical documents to carry out our jobs. While we are all in lockdown, this is not an immediate concern as such – but when things start returning back to normal and we resume working from the office, there is a heightened risk that paperwork may be misplaced, lost or stolen.
With that said, businesses should ensure that all staff are aware of a data security breach contingency plan, and that there is a clear data security policy with which employees are obliged to comply.
Next steps
If you require any further information about any of the topics covered in this article, please do get in touch with us. We’d be more than happy to help you with any aspects of data security and virtual working to ensure you are following your legal obligations as an employer and keeping both your business and your employees safe and protected during this difficult time.
This note comprises the view of the author at the time written. This note is not a substitute for legal advice. Information may be incorrect or out of date and may not constitute a definitive or complete statement of the law or the legal market in any area. This note is not intended to constitute advice in any specific situation. You should take legal advice in specific situations. All implied warranties and conditions are excluded, to the maximum extent permitted by law.