SECURITY complacency is on the rise as employees and employers settle into life working at home, a local data protection expert has warned.
Privacy Helper, based in Bedford, has seen an increase in visits to its website to find out more about data security. Searches for ‘data security breach’ have trebled and those for ‘data security awareness’ have gone up by more than 50%.
Businesses must take steps now to ensure they do not fall foul of data security legislation, says Privacy Helper compliance director Andy Chesterman. Do not let security slip, he advises, as people working from home may become more relaxed with customer and client data.
“It’s easy to do, employees may have become relaxed, security measures are not being enforced and mistakes are made,” Mr Chesterman added. “Make sure data security is at the forefront of everyone’s minds. Bring it up in team meetings, issue regular emails with top tips and do not let it become an afterthought.”
There are additional steps that employers should be taking to keep data secure wherever an employee is working:
- Make sure all laptops and devices have the latest software updates and security patches. The IT department should have a regular plan in place to roll out updates on work devices and employees using their own devices should be reminded to update regularly;
- Invest in a VPN service, allowing employees to access your business systems without exposing their location to hackers. This is particularly useful as a home WiFi system may not as secure as the one used at the office;
- If an employee leaves the business while remote working, make sure their equipment is collected securely and returned to a secure location promptly.
The main sticking point around data security is the use of personal laptops and electronic devices to access company systems. While using a personal device may be unavoidable, steps can be taken to make sure robust data protection is in place:
- Really consider providing all employees with a work device to use. It may create an initial impact on your budget, but could save you embarrassment, loss of business and the possibility of an investigation by the Information Commissioner’s Office;
- Establish a secure portal connection with your business systems that is encrypted and password protected;
- Make sure any business data such as emails and client information is not transferred to the employee’s device. If it is, it is securely deleted.
- Use a VPN to access your business systems.
Many data breaches are avoidable, with 60% caused by human error, says Mr Chesterman. “Taking a few simple steps and using common sense can help avoid losing customer or client confidence and being slapped with a financial punishment too.”