As measures taken by governments around the world to combat the spread of coronavirus continue to intensify, the possible consequences of remote working for your business should be considered.
Whether you are a service provider or a customer, it will be important to try to ensure that ‘business as usual’ can continue and to address any technical and logistical challenges, to the extent possible.
Among other things, potentially, remote working can increase the risk of non-compliance with data protection regulations and security and confidentiality obligations. Consideration should be given to the greater likelihood of possible breaches involving unauthorized access to, or loss of, data and other business confidential information if employees remove data from the office environment, whether in electronic or hard copy form.
Employees should be reminded of the importance of confidentiality and organizations should ensure that appropriate data security policies are in place and adhered to. For example, acceptable use and ‘bring your own device’ policies, as well as the procedures to be followed if data breaches do occur.
In an increasingly global and interconnected world, the vast majority of organizations and businesses rely, at least to some extent, on IT systems and services provided by third parties. If the number of employees working remotely increases significantly and suddenly beyond normal levels, this may lead to performance and efficiency challenges regarding IT systems.
Communication between service providers and customers will be vital to ensure that service levels are maintained to the extent possible and that robust disaster recovery and business continuity plans are in place to allow businesses to continue to function.
Cybersecurity challenges may also arise if significant numbers of employees are obliged to work from home and security vulnerabilities may increase. Organizations should take all appropriate steps to safeguard the security of their IT systems. For example – among other things – accessing systems only through VPNs, use of multi-factor authentication at all log-in instances, prohibition of the use of public Wi-Fi and timely encryption and software patching and updates.
Bearing in mind the measures now being taken by certain governments, if any IT or behavioral changes are needed these should probably be implemented sooner rather than later, as such changes are likely to be more challenging to put in place if employees are working remotely.