Page 52 - Cyber Defense eMagazine June 2020 Edition
P. 52

Risks of Working from Home

            COVID-19 has forced the corporate industry to opt for remote working in place of an office setting. This
            has increased the risk of a data breach. The major causes of this increase in risk are:
               ●  Work from home means that several devices are connected to the company's database. This
                   increases the chances of data theft and leakage.
               ●  The flow of data to and fro the company's system is carried out through multiple networks with
                   varying security levels. This eases the work of predators and cybercriminals.
               ●  Most of the employees working in a traditional setting are not familiar with the usage of online
                   tools. This increases the chances of human error and mishandling of data.
               ●  Unprotected devices are always an easy target for phishing emails and malware. Just one risky
                   device or a single random click by any employee can risk the whole system.



            Checklist for GDPR Compliance

            Here are some necessary measures that your company or organization must take, especially in this
            current situation of remote working, to maintain their compliance with GDPR.
               ●  The company must update its privacy policy for employees working from home.
               ●  New agreements must be made with third parties and outside vendors to maintain compliance
                   with GDPR.
               ●  All the employees should be provided with secured devices by the company.
               ●  If employees are using their own devices, they must be well protected with an up to date version
                   of antimalware and firewall.
               ●  The encrypted network is a must for data security. Therefore, the company should provide VPN
                   protected Wi-Fi devices to all the employees working from home.
               ●  If the employees are using their own Wi-Fi, they must be restricted to use password-protected
                   Wi-Fi only. They must avoid using shared or public Wi-Fi for accessing and sharing the company's
                   data.
               ●  Limit access to important files and data.
               ●  Two-factor authentication must be used for allowing access to the company's database.
               ●  All the tools and software used for communicating and data transfer must be encrypted.
               ●  Employees must be asked to limit their online activities on the devices that are used for accessing
                   the company's database.
               ●  Employees must be restricted from sharing any details and passwords with unauthorized people.
                   Company's data should not be shared with anyone, not even with the family members.
               ●  Employees must be trained for the usage of online tools and software to decrease the chances
                   of human error.
               ●  Employees must also be educated about online safety and how to stay safe from phishing emails
                   and invading malware.
               ●  Companies should have a proper IT infrastructure to monitor remote devices connected with their
                   system.
               ●  Notifications must be set to get an alert in case of any security risk from any device connected
                   with the system. This device should be immediately removed from the system and denied access
                   for the time being.






            Cyber Defense eMagazine –June 2020 Edition                                                                                                                                                                                                                         52
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   47   48   49   50   51   52   53   54   55   56   57