With the coronavirus spreading rapidly across all continents, social detachment has become the solution to curb advances in the disease. And, in order for the economy to remain active, many organizations have found the formula for activity in homework, even.
However, this soon raised some doubts, such as the necessary care to guarantee the data protection in the home office. Especially, for those who use their own computer, from home, for corporate tasks.
To help resolve this obstacle to the security of your intellectual property, in this post we will discuss the following issues:
- Code of conduct for the company and employees;
- Guidelines issued by the company;
- Guidance from your employees;
- Tips to work around any problems with data protection in the home office;
Code of conduct for the company and employees
In addition to undertaking technology solutions to improve data protection in the home office, the organization has to offer a planning complete about it. With it, the rules of conduct and what are the duties and responsibilities of each party involved are clear.
In this case, the employee with his computer and the organization.
To make it easier, we will see below based on the duties and rights that the company and its employees are competing for!
Guidelines issued by the company
Let's start by understanding what the company's role is in guiding and controlling data protection in the home office based on its relationship with employees. Among the main ones, we highlight the following:
- have – and communicate to everyone – the policies and procedures to be adopted during the home office;
- train, qualify and guide employees on the use of any new tools and techniques throughout their homework period;
- important help with any needs that arise, regarding the updating of the software used, as well as their home routers and also personal devices;
- require the use of two-factor authentication for all company employees;
- make sure that everyone has the necessary infrastructure to access the systems and use them. It is important that the organization provides the means for this, if the employee does not have such resources at home;
- advise employees on the most common threats at that time, and explore solutions to be adopted if they are victims of ransomwares, links from phishing and other types of virtual threats;
- analyze the difficulties faced by employees and, jointly between management, HR and the IT sector, conduct training that will help to eradicate difficulties and doubts gradually;
- ask everyone to pay attention to the necessary care during the home office, so that the company's intellectual property – and the employee's personal data – are not compromised.
Another interesting point is that HR and IT, as well as the leaders of each area, can compile the data from this period and draw valuable lessons to be adopted in the next home office opportunities.
In other words: in addition to management, the Human Resources sector has an active participation in this transition and also in the construction of a plan that provides more data protection in the home office and full attention and compliance with policies, by employees.
Including, we have a post that explains well the impacts of coronavirus on the role and performance of HR during the period. Worth reading, as soon as you finish this article!
Guidance from your employees
Following the question of guidelines, before we even address the data protection techniques in the home office, we have to highlight the responsibilities of employees. After all, on a daily basis they are responsible for their actions and behaviors in the virtual environment.
Hence, there are measures that can even be part of contact with the company before they definitively join the home office, such as:
- attention to the use of personal e-mail for work matters;
- continuous assessment of your attitudes (personal and professional) during working hours to avoid becoming an easy target for digital criminal actions;
- avoid the sharing any data or file professional in personal cloud storage solutions;
- when using a work file on your personal computer, delete it immediately afterwards to minimize the risk of having it lost or stolen;
- update all security software on the personal device – whether computer, notebook and / or mobile devices, such as the tablet and smartphone;
- lock the devices from use as soon as you are away;
- use effective access controls – like the aforementioned two-factor authentication;
- modify current passwords and preferably use passwords that are considered strong;
- make it a habit to clean your browsing and download data periodically. Perhaps, even daily;
- extra care with portable devices, such as pendrives, in addition to the equipment for daily use, such as laptops and tablets.
It is also important that the employee knows exactly how to proceed if he loses his equipment. After all, not only will he have to take action (such as notifying the authorities), but the company will also have to revoke access to systems and software.
Tips to work around any problems with data protection in the home office
Turning, specifically, to the data protection measures in the home office that belong to the organization, it is essential to know the best practices to ensure the safety of everything and everyone in the meantime.
We have, therefore, put together some very efficient measures in this regard. Take a look and write down those that have more to do with the reality of your company!
Review the Incident Response Policy
Not only the company, but the employee also has to know how to proceed in case of possible suspicions or proven criminal actions. This streamlines and makes any data protection measure in the home office more efficient for everyone involved.
Set usage limits
The company must explore the measured use of accessing and editing confidential applications and files, thus ensuring that there is no prolonged exposure of these materials on its employee's home network.
This can be important, for example, if the person leaves for lunch and leaves the system and these files exposed unnecessarily.
The same may be true for the number of simultaneous accesses to the same file. The IT sector can act to ensure better control of who is accessing, and what is being done, to allow more effective monitoring and tracking in the event of an eventual problematic situation.
In addition to what we were referring to in the topic above, IT must have more powers, in this period. Regarding data protection in the home office, your technology employees can terminate an employee's access and privileges at any time.
Work harder on data encryption
View and review the current encryption actions in the company, and do not measure efforts and improve them to ensure data protection in the home office.
The same goes for using a VPN. Virtual Private Network, or virtual private network -, which promotes more protection through more controlled access by employees.
Review your company's backup actions
It is worth striving to understand what are the most efficient means, in addition to those already adopted, to ensure that the company always has the most up-to-date version of its documents and materials. Thus, eventual losses will not be felt as much because the process was carried out in an agile and preventive manner.
Therefore, as much as there are several benefits of adopting the home office in a company, the present moment may have accelerated some steps for its implementation.
Not for nothing, these revisions in data protection processes in the home office become elementary. Through them, it is easier to identify flaws and gaps in current procedures, providing a safer, more productive and convenient routine for everyone.
So, if you thought these tips were useful to get around the challenges of working at home office during the coronavirus crisis, subscribe to our newsletter – just fill in the requested data in the right corner of the our blog – to receive, first hand, all our tips and news on the subject!