News and developments
HOW TO KEEP YOUR DATA SAFE IN THE NEW DIGITAL EMPLOYMENT ENVIRONMENT
Therefore, it is important for companies to make sure that the risks mentioned above are contained and minimized.
As mentioned in our session on the new digital-centric employment environment at the GoTech World 2020 – Face the new reality event, more than half of Romanian companies intend to allow employees to work from home in the next 6 to 12 months, as a result of the Covid-19 pandemic.
In this context, it is obvious that the number of cybersecurity attacks targeting employees will increase. The main reason for this increase is the fact that most employees are not yet used to the new digital-centric employment environment and to the measures they should follow when working from home in order to keep company systems, information and personal data secure.
In this respect, companies need to understand and properly identify the relevant risks in order to implement the appropriate measures in order to mitigate the same. The responsibility lies not only with the company but also with its employees. At the same time, it is important to engage in a timely manner cybersecurity experts and lawyers specialized in data protection and cybersecurity in order to identify and understand the risks and implement adequate measures to mitigate the same.
- The number of security breaches has increased during the COVID-19 pandemic
- work is often carried out outside the secured infrastructure of the employer, from the employees’ homes; therefore, instead of one secured centralized IT environment, there are now a plethora of individual and less secure IT environments used to conduct work that will be speculated by cyber-attackers;
- employees are using unsecured and/or unencrypted devices (including unsecured wireless networks) to access work-related information;
- insufficient use of virtual private network (“VPN”) solutions;
- increase of use of video-conference applications to attend work-related meetings;
- employees’ lack of compliance with security policies due to lack of employer-supervision.
- What should companies do in order to minimize the risks
- understanding the employees and the new environment in which they perform their work related activities;
- developing a security and privacy focused corporate culture, with the employee at the core of such culture;
- reviewing and adapting security and privacy policies so that the same are fit to meet their goals in the current status;
- training employees so that they understand and comply with the security and privacy policies;
- keeping latest developments in the cybersecurity field under constant observation.