Data protection guidance for remote working

With a vast majority of people in the property industry working remotely and whilst individual safety is at the top of their priorities, agents and business owners must also be aware of the safety of their data during the crisis.

cyber security.jpg

Ensure all security protection is up to date

Home-working employees may have security software installed at a device level, however, it is imperative that this and device encryption, firewalls and web filtering is too. Business owners offering employees to work from home should provide devices that meet this criterion or check other devices used are meeting the requirements.

As part of company IT policies employees should also make sure any updates required are done regularly if this isn’t done as standard. Make use of network monitoring software.

If software is used to monitor the security of a network this will help to identify any potential threats. By monitoring any problems caused by overloaded or crashed servers, or network connections, it is just another way to ensure that systems are secure for remote workers. Keeping network security to a maximum will help to continue to keep cybercriminals out.

Keep mobile devices and laptops safe

Lost and stolen mobile devices and laptops are easy pickings for cybercriminals if insufficient security measures are in place. The first line of defence is to look after them - always keep them in sight when in use, and never leave them in a vehicle.

Who’s watching?

Working from home is a very different setup to the usual office environment, family members, flatmates, and even pets can pose a data security risk that may not have been considered.

An inquisitive child or pet could cause problems – make sure devices are locked if left unattended, and out of reach at other times.

Any phone calls or online team meetings shouldn’t be overheard, particularly if the work being discussed is business-critical or sensitive. Make sure the user is the only one who can see the screen.

Password hygiene

Strong passwords will protect business systems if a device is lost or stolen. They also protect businesses from cybercrime. Good password hygiene and best practice includes using multi-character passwords, two-factor authentication, and not re-using passwords.

Email encryption

Encryption and robust management of corporate email is a must. Both the company and the individual have a role to play. Making sure the network is secure, using systems such as Mimecast, is key, but staff must also be aware of email best practice. This includes spotting scam emails, what data must not be sent by email, and email etiquette.

Removable devices

USBs and other removable devices can contain malware and should be checked first. Many USBs that are given away free or obtained from an event may be infected, often unbeknown to those providing them. Never plug an unknown or shared USB into a computer. Use facilities such as Sharepoint for sharing information.

Personal Data

If it is necessary to take personal data home, ensure it is in a lockable storage unit. Do not leave any paperwork in a vehicle or lying around in the home, it must be locked away securely at all times.