It is an understatement to say that things have changed. The COVID-19 pandemic has literally changed the lives of billions of us, especially when it comes to professional activity.
Some employees may never return to work in the office. As soon as the lockdown ended, employees, like those at Square and Twitter, were offered the opportunity to work from home on a permanent basis. The telecommuting lifestyle has its advantages and complications, but there’s no denying that it also comes with an increased risk when it comes to data loss.
All over the world, we see employees, many of whom have never been trained to telecommute in real conditions that allow data security, interested in the idea of adopting a new way of living and working. Although the economy has shown some signs of improvement, uncertainty still reigns supreme. This could encourage employees, unsure of what the future holds, to steal sensitive data for use at a later date.
In many scenarios, engineers with access to highly sensitive data and computer systems are telecommuting with less supervision than ever before. To this end, access to corporate network data sharing and approved collaboration tools (services typically found in offices that are designed to protect the most sensitive data) has been reduced for many employees.
It is crucial to adhere to the best cybersecurity practices, especially when working from home. This means finding and following reliable advice on securing home Wi-Fi networks, using trusted virtual private networks (VPNs), and ensuring that all patches are applied to software in use throughout the world. business.
Employers can use other strategies to limit the risk of data loss in the Covid-19 era. Here are three steps security leaders can take to improve their organization’s data protection:
Organizations must have protocols in place for sharing sensitive data, whether it concerns employees, the company itself, or its customers. It is important during this time to reiterate these policies and remind employees of the limitations of email, software like Slack, or any other popular tool within the organization.
Companies, through data governance policy reminders, can emphasize the importance of using only applications, cloud storage services and USB drives approved and certified by the relevant authorities. When abuse occurs, not all businesses have the technology to immediately detect and block any activity deemed non-compliant.
If your organization manages very sensitive data, regulated by intellectual property law (including formulas, source code), or just financial or medical information subject to national compliance regulations – make sure it is labelled as such. Clear identification of data and the controlled existence of policies to prevent unauthorized access attempts can go a long way in deterring possible abusive practices.
Organizations can deploy watermark technology to remind users that they are accessing protected information and, in some cases, prevent an employee from misusing it. Other technologies allow files to be automatically labelled in order to manage data protection programs and ultimately serve as building blocks for data security.
By monitoring access to sensitive files and directories or disks, businesses can better understand what is being accessed and when. It is important to periodically assess the needs of “employees” for this access and limit it for those who do not need it. Organizations should develop formal policies and procedures regarding who has access.
In many scenarios, depending on the sensitivity level of the data, access is only granted if a clear need is established. Monitor network access for confidential data or suspicious behaviour, unusual download spikes or irregular traffic, and follow up as needed.
At this point, it is clear that this pandemic is for the long term. While some offices have reopened their doors to employees following government health guidelines, for a large part of the French, teleworking is an option that is becoming widespread and growing in use. And while this list is by no means exhaustive (we haven’t even addressed the importance of two-factor authentication, phishing awareness, and good password hygiene), it does are important first steps that business leaders need to take, if they haven’t already, in order to secure entity data, now and into the future.
One of the most valuable resources that companies have is the talent of their employees.… Read More