Global concerns over the current coronavirus (COVID-19) outbreak and the need to keep employees away from the office, as a precautionary move to keep COVID-19 from spreading through the company’s workforce, are now suddenly ending with more colleagues interacting via messaging platforms such as Facebook Messenger, WhatsApp and Skype. WhatsApp usage climbed up 20% and Skype recorded a 100% growth in usage in countries profoundly affected by COVID-19.
That said, it’s vital not to let the protection intended to protect the physical health of employees turn into a threat to your organization’s cybersecurity health at the same time. From security issues to regulatory requirements, having employees (or yourself) work from home can open new risks, including data breaches.
Here are our five top tips on how to have your IT team prepare your team to work remotely, safely and in compliance regulation.
Make sure chats are being archived
Teams may use chat systems such as WhatsApp to communicate, and regulated organizations are required to archive and monitor all professional communications. For example, financial service firms regulated under FINRA’s Regulatory Notice 17-18, firms are required to archive communications. Therefore, archiving software that plugs into the back end of a chat system and require user authorization are critical to ensure you are meeting privacy and personal rights. One example is DeepView’s ChatGuard, which splits work and personal and archive work chats, allowing employees fast and compliant access to personal networks. This provides automated discovery of insider trading and contractually binding statements where needed.
Manage data leakage
Working from home can mean more social media use. Photos and videos contain a massive amount of information for social engineers and hackers. Renowned social hacker, Rachel Tobac, provides an example in this video of how a hacker can extract 60% of the information she needs to hack a company via public photos and videos.
Currently, there are software solutions that have algorithms built to detect passwords on post-it notes, and computer screens, making you vulnerable to hackers. There are also software systems that can prevent this, such as DeepView’s ImageGuard, which provides real-time alerts to potential security risk posts. It reviews public Datext, photos and videos that are tagged to your company to enable companies to remove the posts that pose a risk and leak confidential data.
Make sure solutions work for both corporate and personnel devices
It’s no longer realistic to believe employees will only use corporate devices for work, whether it’s to build a new relationship or quickly send a message. When employees are at home, it’s far too easy for them to jump onto personal devices; therefore, making sure your security software is built to work on personal devices, while respecting privacy is critical.
Make sure you are protected globally
Many solutions are built only for the US market; however, teams are often global. It’s far simpler and time-efficient to review and consider solutions that meet global regulation.
