With the coronavirus epidemic growing by the day, we’ve woken up to a new reality and switched to home office mode – or working remotely. Pursuant to the provision of the Act of March 2, 2020, on special solutions related to the prevention, neutralization, and eradication of COVID-19, other infectious diseases, and the crisis situations they cause, “the employer may instruct the employee to perform, for a specified period, the work specified in the employment contract, outside the place of permanent performance (remote work).”
As the situation is changing dynamically, employers have been forced to quickly prepare procedures defining the conditions for working from home while making sure they do not pose a threat to the security of the company. What should we keep in mind and what cybersecurity threats should we be aware of?
The main rules for working from home
Data security is one of the most important issues relating to the arrangements for remote work. Access to the company intranet and programs or data processed in the company should be secured so that they are not leaked to third parties. How to connect securely Who can use an office computer at home? What safeguards should be implemented?
Communication channels on an office laptop
Employees working remotely on office laptops should use a secure VPN connection when using company resources. VPN allows communication between the workstation and the company’s infrastructure, while protecting the company’s data from being leaked. Your office computer should have an antivirus program installed, and your computer should be password-protected.
When handling important data, the disclosure of which may expose the company to a variety of legal and financial consequences, remember that no one but the authorized employee should be able to access the office computer. The employee must be aware that sharing a company device with third parties – even with family members – is forbidden.
When working from home, you should only use your office email account to help you identify when a cybercriminal might be impersonating an employee by using an account on a different domain. However, you should be vigilant because the risk of Business Email Compromise (BEC) attacks increases when working remotely.
Cyberattacks as a result of human error
Employees are the weakest link when it comes to cybersecurity. As many as 95% of attacks are caused by human error resulting from a lack of knowledge regarding security. Therefore, every employee working remotely should receive the appropriate training. As stated by the world’s most famous hacker, Kevin Mitnick: “I hacked people, not passwords.”
GDPR has dramatically changed the approach to handling sensitive data. Nowadays, it is extremely important to properly secure information about employees, clients or contractors because any leakage is associated with huge fines. Therefore, employees must be aware of how they should act when handling personal data, what to look out for, what dangers lie ahead, and what to do to prevent human error.
MyNetwork Polska will help you take care of your organization’s security when working remotely!
Every employee who works remotely should be aware of the dangers lurking on the web. Employees should also be aware of the consequences of non-compliance with security rules. The greater the diligence when organizing remote work, the lower the risk of unnecessary problems relating to the leakage of customer or company data. Employers should bear in mind that they are responsible for the proper training of employees.
Protect your company by training employees on information security and the GDPR. Remember that the costs spent on training are much lower than those associated with the consequences of non-compliance.