Many of you are now working from home, have a good set up with computers, screens, and chairs and are getting used to the remote situation. Now that you are all set, have you considered data privacy and protection? If you are working with company data and are working at home, you need to be conscious about legal and regulatory requirements for your specific job and industry.
Beyond the specific legal concerns and regulations that may be affecting your business (please check with your leadership on legal or regulatory requirements), here is some general data safety and protection you should be keeping in mind and a few simple guidelines.
Ask yourself the following:
“Before I started working remotely, would it have been okay to take this home to work on it? And would it be okay to have a paper copy of this work outside of the office?”
If the answer is no, then you need to be careful with that information and how you work with it. When possible, you should be leaving that information at the office and using remote connections via Remote Desktop Services (RDS) or Virtual Private Network (VPN) so that the information you are working on remains stored at the office.
Should I be printing this out?
If you have requirements regarding confidentiality or privacy tied to information that you are working with, be careful what you print out at home, and where you store printed materials. Just because it is your family doesn’t mean the information is safe. For example, kids tend to read anything that gets left on the kitchen counter and could accidentally leak information. Papers could be left out and lost etc., especially if it is not your normal working process.
Prevent spreading data yourself.
Try not to use your personal phone, any of your family’s computers, tablet or mobile devices, and try not to email your work data to your home accounts. Try to keep data and the means to access that data as minimal as possible.
Do indeed work on a company computer and or remote onto servers from a specific device that you designate your work-from-home system. If you need access to work email, set that up so you aren’t spreading data to your personal accounts. Don’t save work-related passwords to your home computer Windows or browser. If there are any shared devices with other home users you should segregate your work and home usage by creating separate Windows logons or if possible, entirely separate computers for work and play (if possible).
How can I keep client information as safe as possible?
Think about keeping information as secure and private as possible. That means making your home Wi-Fi and computer as secure as you are capable of. Things like putting a password on the Wi-Fi, setting up Windows user accounts so your family can’t access your work files, browser history or bookmarks that may have sensitive information or working data. And as above whenever possible leave the important data at work on the server, or company email etc., that way it’s not in your house be it on your home PC or printed and sitting on the dining room table in your custody.
Be aggressive and manage all data that is in your possession.
Google search how to set passwords on your computer or Wi-Fi if you need to and try to keep private information in the least number of places possible. Make this information accessible by the least number of hands as possible. Most of the big personal breaches aren’t intentional, its misplaced information, accidental sharing, and worst yet, malware. If your work computer is not used exclusively for work (i.e. even if you browse news and Facebook etc. occasionally during work or otherwise) that means you need to be more diligent to make sure your computer is protected from malware that could find its way in and could potentially share your work passwords, communications, data with bad actors. That means having a good antivirus program and maintaining Windows Updates on the technical side as well as awareness on your other home network users to not click on anything suspicious or downloading untrusted programs.
In summary: Be as diligent as you can with work data, make sure it’s in the least number of places with the least number of hands (and eyes) able to access it, and remember once you copy that data from work to your home or device it is now in your custody and you are responsible for it, so make sure it’s safe and secure!