COVID-19 Security Alert: 10 Reminders for Employees Working RemotelyPrint PDF
The security and confidentiality of a company’s data is paramount. As businesses grapple with the COVID-19 pandemic and the need for employees to work remotely, it is important to remain focused on ensuring the security and confidentiality of a company’s data, especially personal or financial information of individuals. A breach of confidentiality may impact a company’s customers or employers and can even impact the viability of the company’s business itself. With that in mind, here are 10 security reminders for employees working from home:
- Use only company-approved devices unless exceptions are approved by IT. If you must use personal devices, including mobile phones, ensure that your software is up to date.
- Refrain from using your work computer/devices for personal matters and do not let family members (including children) or others use your work computer/devices.
- Refrain from copying or sending confidential data to personal email accounts or personal computers, and refrain from sending confidential data through text message.
- Ensure that your passwords are unique, complex, and long, and use multi-factor authentication whenever possible.
- Ensure that your home wifi network is password protected and encrypted and avoid using publicly available wifi networks unless you are connected using a virtual private network (VPN).
- Ensure that work is conducted in a location that allows for confidential communication.
- Lock your computer or other devices when not in use.
- Encrypt any sensitive data where possible.
- Be especially mindful to whom you are sending emails and attachments to ensure that only intended documents are sent and that they are sent only to the intended recipient.
- Be especially careful about phishing emails – hackers are very active during times of increased tension. Hackers pose as colleagues, clients, or other trusted parties, or use recent news headlines as an excuse to encourage you to click on links, open infected attachments, or provide your user credentials (usernames and passwords).
If you suspect that there may have been a privacy or security breach or if you think you may have been fooled by a phishing attack, contact your IT department immediately. Breaches are far less damaging if they are addressed immediately.
This advisory was prepared by Seth Berman, the leader of Nutter’s Privacy and Data Security practice group, and Nehal Khorraminejad, an associate in the Litigation Department. For more information, please contact Seth, Nehal, or your Nutter attorney at 617.439.2000.
This update is for information purposes only and should not be construed as legal advice on any specific facts or circumstances. Under the rules of the Supreme Judicial Court of Massachusetts, this material may be considered as advertising.