The COVID-19 pandemic has transformed the way in which many businesses operate. In many cases, entire workforces now function entirely from their employees’ homes. For some, this transformation has been seamless. However, whilst the priority for many has focused on setting up the workforce at home, a number of technical and legal issues relating to data protection, privacy and cybersecurity still need to be addressed.
Foremost, businesses hold important personal information relating to their business. Adequately configured corporate policies and compliance programs that accommodate working from home will be vital in ensuring information is protected. Businesses also need to be aware of the cyber and data security risks and threats that are emerging from the pandemic. The move to working from home is creating new risks and exacerbating and exposing existing security vulnerabilities within many organizations.
Our client base is seeing, for example, an increased prevalence of COVID-19 related phishing attacks. Businesses need to also ensure that they have appropriate cyber incident response frameworks in place as well as adequate training to mitigate against potential cyber incidents. In addition, robust and dynamic risk analysis will be key to maintain secure remote working. Once lockdown starts to unwind, businesses will need to focus their attention on how their workforce can safely return to the workplace. Contact tracing technology may be a key component of this. However businesses must be aware of the significant privacy concerns that arise from use such technology.