1. Employees using company equipment should take all reasonable physical security measures during its transportation, use and storage.
2. Use your organisation's trusted networks or cloud services i.e. a virtual private network (VPN) that ensures the secure transfer of data to and from your organisation.
3. If you work without network or cloud access, make sure you adequately backup your work and keep any backups securely (encrypted).
4. In the absence of company's devices, you may be asked to use personal devices. In such case, follow your employer's instructions for approved applications (video conferencing, communication, data sending, etc.) and security requirements.
5. Make sure that you use a strong password, you have downloaded and installed the latest updates of the operating system (e.g. Windows, iOS) or other software and you have an updated antivirus program.
6. Follow your employer's applicable instructions for business email. If you are going to use personal accounts (Gmail, MS Outlook, etc.) always encrypt all attachments before sending them and classify your messages accordingly depending on the nature of the communication.
7. Transfer files to USBs or external disks only if your organisation's security policy allows and always use encrypted portable media.
8. Be aware of deleting any data, passwords and disconnecting any account you logged on when you no longer use the personal device for business purposes.
9. Secure all portable electronic media and other physical documents in a separate space from your personal files.
10. Find an isolated area of your home and make effort to simulate your workplace workstation where possible (desk with wired connection, camera with microphone).
Please note that teleworking under recovery plans in an emergency period (pandemic) is not excluded from applicable law, so any additional processing or breach of personal data follows the same requirements for technical and organisational measures and notification under the GDPR Regulation.
Teleworking Security Advice
The following 10 security tips will help employees safeguard information while they are working from home. Teleworking is deemed necessary in almost any crisis situation and especially amidst the COVID-19 pandemic. Organisations should have a specific teleworking policy in relation to network connection, devices, teleworking/ teleconference applications, the permitted data processing and minimum security measures. In addition, such a policy should take into account the business continuity strategy of the organisation during a crisis situation (pandemic in this case) and the any other existing Business Continuity Plan.
During a pandemic crisis the burden on mental health of employees due to the stress, fear and economic uncertainty is vast, hence organisations must put extra effort to provide clear instructions to their employees taking into consideration their personal circumstances while at quarantine, their psychological state and balance these with workload.