Working from home can be a very different experience if you’re used to an office environment. Whether it’s trying to stay organised, properly managing time, or even just switching off at the end of the day, more and more people are encountering the unique challenges that working from home presents.
However, there is one challenge that can be easily underestimated: maintaining the privacy of data. Whether it is sensitive commercial information, personal data, or the contact information of your colleagues, we all have a responsibility to ensure that we are properly handling, transmitting and storing the information that we use every day.
So what does this mean in practice?
Well, let’s start with the easiest step – keep your software up to date! It’s an incredibly basic, yet absolutely essential task. Most software companies issue regular updates. These usually include new features, bug fixes and security updates. For this discussion, we’re concerned with the security updates! While it may seem unlikely that you’ll be targeted if you haven’t installed software updates, it has led to significant problems in the past. Perhaps the most infamous example is the WannaCry Ransomware attack, which exploited known vulnerabilities in older operating systems. So set some time aside, and let those software updates run when you’re prompted!
The next step is to use approved software for specific tasks. That might sound obvious, but when it comes to working from home, there are some important subtleties. For example, let’s say you use a chat tool like Slack, Teams, Skype or Zoom to keep in touch with your colleagues. These apps support file sharing, but do you know where these files are stored? Are they encrypted when they are in transit? If you’re only sending your colleagues a cute picture of your pet, the answer to these questions doesn’t really matter. But what if you are using them to send confidential or personal data? You could be accidentally breaching Privacy Legislation, or exposing sensitive data to a potential data breach.
There are even greater challenges if you are working on personal equipment. One of the most useful (and potentially dangerous) features of mobile phones is the ability to have all of your data automatically backed up to the Cloud. You can rest easy in the knowledge that if your phone is damaged, or if you upgrade to the latest model, you’re just a few clicks away from restoring everything you need. But what happens when you use work tools on your phone? For a lot of applications, there is a good chance that when you open a document it is copied to your phone. That means it is now held on the cloud in your personal backup. If that document contains any personal data and is subject to Privacy Laws, then you could be breaching them!
Most of us wouldn’t have the time or expertise to check every app we use, determine where the data is stored, and evaluate how risky this is. Thankfully, there is a simple solution. Only use approved software for specific tasks. If your company has a policy that you must connect to the corporate VPN to send secure emails that hold sensitive data, then use the VPN. If your organisation says that Microsoft Teams is the only approved channel to send files while on a video chat, then only use Teams.
In most organisations, someone will have taken the time to evaluate the software available, check how safe it is to use, balanced this against ease of use, and arrived at a reasonable decision. This informs your organisational policies on how software can be used, and how (or even if) personal devices can access work resources.
Understanding these policies and abiding by them enables everyone to maintain Privacy while working from home.
Best Practice Data Privacy
The management of data protection processes, assets and external parties has become much more important within modern organisations. MetaPrivacy has been designed to provide the best practice approach to data privacy compliance.
The solution provides out of the box functionality that allows customers to quickly obtain value without extensive periods of consultancy and configuration.
Contact us for further information on how we can help your organisation improve its compliance structure.