5 Compliance Tips When Home Working

As life after the coronavirus pandemic starts to unfold, a growing number of people are working remotely. With this in mind, the importance of data protection and information security has never been more significant. The government’s new advice promotes home working to curb the spread of Covid-19. While this is seen as helpful, it might increase data breaches and phishing. This blog aims to give you some top data protection and cyber security tips when working from home.
5 Compliance Tips When Home Working:
Implement high-level security measures:
- Encrypt all laptops.
- Use a secure VPN to protect sensitive intellectual property, such as customer data or special categories of sensitive personal data.
- Apply these measures to all devices used at home.
Use caution with USB devices and external hard drives:
- Obtain clearance from your company’s IT team before using any USB device.
- Do not allow others to plug USB devices into your computer for file exchange or information sharing.
Take the right approach and be cautious with emails and links:
- Avoid opening files or clicking on unexpected links.
- Use a risk-based approach and treat anything that looks suspicious with caution.
- Forward suspicious emails to your Data Protection Officer or Cyber Security lead.
- Delete such emails for peace of mind.
Check for spelling and grammar in emails:
- Phishing emails may replicate legitimate domains but often contain errors.
- Watch for spelling or grammar mistakes, which are uncommon in reputable business emails.
- Verify the sender’s website and ICO registration if suspicions arise.
Be mindful when using public Wi-Fi or sharing secure data:
- Avoid sending, opening, or sharing sensitive data over public Wi-Fi.
- Refrain from conducting such activities in public places like coffee shops or airports.
I hope that these tips are useful for you as these testing times pass. We all have a responsibility to keep data secure and uphold GDPR when working remotely. CDS have partnered with KnowBe4, the world’s largest integrated platform for awareness training combined with simulated phishing attacks. Their training platform covers data protection and cyber security. It gives you access to a library of 900+ training items comprising interactive modules, videos, games, posters and newsletters.
KnowBe4 Training Platform – https://compliancedirectsolutions.com/data-protection/knowbe4-cyber-security-awareness-training/
You can also use this platform to send simulated phishing attacks to your employees. You can then monitor and report on the outcome of these simulated phishing attacks in order to assess which staff members require refresher training.
For more guidance visit: https://ico.org.uk/for-organisations/sme-web-hub/your-beginner-s-guide-to-data-protection/