The world has changed in so many ways in the past month and of course all thoughts are with anyone who’s suffering in any way with this terrible virus.
One major change has been the astonishing escalation of remote working as organisations have been forced to find ways of working differently. This has new challenges, across the hardware (access to laptops, printers, devices), software (VPN access, installation of applications, accessing cloud-based systems) and working out how to use new tools such as Zoom or Microsoft Teams.
For many, the ‘crisis-mode’ of getting this set up will have superceded usual concerns over Data Protection, but GDPR remains law, processes are still required to be secure and hackers will still be trying to access your systems.
I’d ask you as organisations whether you have, at the very least, ensured you’ve followed your own IT Security procedures (if they exist) and asked all work-from-home employees to remind themselves of the relevant policies and their own individual obligations.
I’d suggest checking when these policies were last updated – do they even capture the principles of the new Data Protection Act? You should also make sure your IT Providers are all over your new set-up, as the best ones should be.
Here are three key questions:
• How do you ensure employees using their own devices are downloading the latest
patches, versions and using appropriate passwords to make sure they’re as protected
• Is your security software and are the devices/platforms they’re being installed on
modern enough? (Windows 7 almost certainly isn’t!)
• How is personal data being transferred between individuals now? Make sure it’s being done securely, whether that’s via encrypted files or via secure cloud-based links.
Take some time to review your position, consider how you might be affected or are
now doing things differently and understand how this might impact your overall position surrounding the way you protect your data to help protect your business.