Excerpted from Lexology by Perlman & Perlman LLP
COVID-19 has been dominating the news, and with good reason. While the situation is certainly “fluid”, it is likely that many organizations will at some point be asking their employees to work remotely; it is important to remember that doing so it not without its risks. As most organizations have information to protect, now is the time to consider the potential “cyber” risks of remote working, and remedial actions that can be taken to mitigate these risks.
•Unsecure WIFI networks: Home networks (and use of public networks) may be vulnerable to malware or ransomware attacks through their wireless router – Secure home WIFI networks with a robust password and, when possible, avoid use of public networks.
•Working on unsecure personal devices: Home computers may lack critical security patch management – Employees should only conduct work on their employer-issued computers. Where this is not possible personal laptops should not be allowed to leave the home.
•Transferring corporate data using personal e-mail accounts: Employees may send sensitive information to their personal email accounts; non-enterprise email accounts usually lack the protections that commercial accounts often have – Advise employees against sending sensitive company data to their personal email accounts, and to permanently delete any corporate data remaining on their email accounts after they return to their normal working arrangement.
•“Hard-Copy” document management and destruction: Employees may take hard-copy sensitive or confidential materials off-site that they would not otherwise – Advise as to proper destruction and to avoid disposing of documents at home or in a public place without proper cross-cut shredding.
For entire story click here