How to Protect Employee Privacy and Ensure Data Security With a Remote Workforce
For businesses and the employees that work for them, it was once easy to draw a line between work and home. In a time not too long ago, employees would commute to the office, sit down at their desks, handle everything they needed to do for the day, leave the office and go home. The shift to remote work blurred those lines.
While both businesses and employees have realized the benefits of working remotely, significant challenges remain around security and privacy. According to Statista, in 2020 there were over 1,000 major data breach cases within the US alone, exposing the data of over 155 million individuals. There were roughly 304 million ransomware attacks across the globe in the same year, an increase of 62% from 2019.
Hackers are taking advantage of reduced security measures with so many employees working remotely. Here's what security experts recommend as the best methods to overcome these challenges and how businesses and employees can protect their physical and digital privacy when they're working away from the office.
Implement Work-Only Systems
In keeping with the traditional separation of work and personal lives, businesses should find ways to ensure that employees have work-specific cloud systems and devices available for employees to access. A report from PC Matic on cybersecurity in the workforce indicated that almost 62% of remote employees weren’t issued dedicated work devices by their businesses in the last year, making it an ideal starting point for companies that want to double down on privacy and security.
Startups and smaller businesses might not have the budget to provide dedicated work devices but they can ensure all employees have work-specific emails and access to business files through tools like Google Drive. These cloud-based systems are affordable for many small enterprises.
While businesses should provide more security and privacy for their employees, they can also do some things of their own to keep themselves secure. According to Pablo Listingart, founder of Winnipeg, Canada-based ComIT, professionals shouldn’t save sensitive data on their own devices. He also advises that they strive to improve the security of their own devices.
“With more information coming into their personal devices, it’s well-advised for team members to invest in better personal security practices like two-factor password authentication or single-sign on,” said Listingart.
Related Article: So Many Breaches, So Little Proactive Action
Create a Dedicated Workspace
Employees should also create dedicated workspaces to keep their personal lives as private as possible while having Zoom meetings or working in general.
“We require that all home-based employees maintain a dedicated work environment, someplace free of other people or distractions,” said Christine Kowalczyk, chief operating officer of Sunnyvale, Calif.-based Support.com.
She explained that not only does having a dedicated space enable good remote work habits, but it also supports worker privacy, making sure families are never on display. When a dedicated workspace is not possible, allow exceptions to regular workplace practice. In keeping with this recommendation, organizations should allow employees to turn off their cameras during meetings.
Why Knowledge Management Is Critical to Business Resiliency
How Organizations are Future-Proofing Business by Harnessing Company and Employee Knowledge
The Compensation Cliffhanger: New Research on How HR Leaders Are Addressing this New Talent Minefield
For employees today, is it really "all about the Benjamins"?
Use VPN and Antivirus Software
Using a virtual private network (VPN) is an excellent way for companies and employees to protect themselves and sensitive information. “VPNs enable secure remote access, ensuring the security of business accounts and the privacy of the remote worker,” Listingart said.
VPNs rely on dedicated servers that make it easier for IT teams to manage workers scattered across the globe. Kowalczyk said that their employees can only access company servers via a VPN.
When combined with antivirus software, VPN users can mask their exact location from prying eyes and keep employees safe from unwanted threats. However, 91% of respondents in the PC Matic survey weren’t provided with any antivirus software to install on their home devices. Companies that want to keep employees safe while they’re operating remotely should recommend VPN and antivirus software to protect against malicious attacks.
Related Article: How to Ensure Data Privacy in the Digital Workplace
Provide Cybersecurity Training
Organizations should do everything they can to protect the privacy of their remote employees. However, it’s up to employees to exercise some level of caution and discernment in how they handle themselves online in many instances. One way to ensure that everyone is on the same page is to provide cybersecurity training.
“Providing mandatory and frequently updated cybersecurity training for all employees is more crucial now than ever," said Alan Duric, CTO of Berlin, Germany-based Wire. Without proper training, employees will be unsure of what to do if they find themselves under attack.
For IT professionals, many of these practices are already commonplace for individuals. Still, the challenge will be educating employees on a larger scale and it’s up to these employees who are already aware of the risk to help support remote privacy efforts.
“IT teams can help coordinate efforts and raise awareness across multiple team touch points, and it’s important that employers make that a priority,” Listingart said.