So many firms rely on others to ensure that their information security is adequate for their firm, and importantly their client data. The legislative burden on firms with GDPR now is place is high and the consequences for failure substantial. Do you rely on your IT Manager or IT Provider to ensure your reputation?
What should firms be doing now?
Understand what your IT Systems look like, with hybrid remote and office work likely to continue well into next year and probably into the future permanently. What is different than pre Covid 19?
First, firms don’t have the security and benefit of an office-based network and firewall when staff work from home. Users might have some when they are connected in via a VPN, but in most cases if they are using browsers and sending and receiving emails from home there is an increased risk.
Second, if you are letting staff use their own PC or Laptop at home or use a work device for general browsing on the same network as the rest of their household there is an increased risk.
Third, many software applications like Anti-Virus, Windows Update, and Office etc rely on a centralised server connection to be updated. Not updating these applications puts your business and your client’s data at risk.
So, the short answer is working from home in an unprotected way puts your business and your reputation at risk.
How can you reduce risk and protect your client’s data?
1. Install Microsoft Intune. This allows you to control updates on your Staff Pcs and Laptops as if they were in the office. It also allows you to deploy Windows 10 to your firms standard, control and secure mobile devices whether they belong to you or not. Its included in Office 365 Premium or can be purchased separately for a few pounds per user per month.
2. Consider upgrading your team’s internet connection / firewall at home. Normally staff would use their normal home internet to access your work server and any websites they need. If you are expecting them to permanently work from home, you could provide a dedicated internet connection and small firewall you can then control and secure that service.
3. Training make your team are aware that by working from home risks are increased and they should exercise increased caution when dealing with client data. Help them understand the challenges and make sure they know what they are doing.
If you would like a second opinion on whether you IT security is up to scratch please get in touch?