Implement and follow WFH policies and procedures

You should have a clear policy in place for staff who are remote working, which covers accessing, handling and disposing of personal data. Your employees should understand the procedures in place to protect personal data help by the company, and you should have appropriate measures in place to defend against cyber attacks.

Use multi-factor authentication

For any cloud-based resources shared by the team, multi-factor authentication can make it much harder to someone other than your trusted members of staff to gain access. It is stronger than passwords alone, even long or complex ones. There are a number of different types of multi-factor authentication, including texts, biometrics, and one-time passcodes.

Ensure home workers have a suitable space

Remote staff should have access to a private space to work – ideally, this will be at home, but there may be instances where they need to work in public.

At home, it is advisable that workers lock their screens whenever they need to leave the room, in order to prevent other members of the house from accessing confidential information.

In public, workers should consider the following when choosing where to set up:

• Sitting somewhere people can’t look over your shoulder to see your screen
• this includes near windows and doors where people may be able to look in
• Installing a privacy screen -Only using encrypted Wi-Fi, or a hot spot from a work device
• Using video meeting software with advanced security features if taking calls in public

Regularly check for updates

It is important to make sure that company devices are up-to-date on security updates, as these will offer the highest level of protection against malware and cyber attacks.

Similarly, a modern browser , such as Google Chrome should be used, and run at the latest available version.

Stay in regular contact

Stay in touch with your remote employees to ensure that you are aware of any technical needs they may have, and encourage workers to reach out if they have any questions or security concerns that need to be addressed.

Provide training

Make sure your team know how to protect important data with GDPR training, and teach them how to spot the signs of phishing attacks.

Enable remote disabling

Remote disabling can be used to lock or erase a device’s data if it’s lost or stolen. Accidents happen, so it is important that you have this feature enabled on any company devices so that you can take action if needed and prevent data from being accessed.

Communicate securely

Ensure the channels used internally are secure, and that all members of staff stick to using these. Secure messaging, an online document sharing system, or password protection should be used when sharing data with others.

Manage access permissions

Minimise the risk of data breaches by reducing the number of people who have access to sensitive data to only those for whom access is necessary for their job role.

GDPR and Security & Terror Alerts are essential tools in protecting your business from physical and operational threats. Make sure you don’t miss out on our 10% off deal on these courses, available until the end of November. Simply enter the code ‘secure10’ at checkout to save!

https://wamanagement.co.uk/shop/general-data-protection-regulation-gdpr/ https://wamanagement.co.uk/shop/security-and-terror-alerts/