This rapid transition to a remote work force caused a surge in laptop sales 2, an upheaval in the video conferencing industry and major issues for those responsible for managing and protecting a corporation’s data. Companies instituted secure VPN’s to protect outside access to company data, but many employees downloaded and stored corporate data on their home computers.
These home computers included assigned company laptops but a vast majority of data was downloaded to employee’s personal IT assets. Just like data at rest on mobile devices, data stored on home computers has become a nightmare3 for Chief Data Officer’s (CDO) and may not allow organizations to adhere to internal data security policies.
Managing the security of data on employee’s home computers is still the responsibility of the corporation. HIPAA and FISERV penalties will not be alleviated because a company had to insititute a remote workforce. These penalties range from minor infractions requiring a warning to magor data breaches that could cost a company millions of dollars in fines, legal fees and a loss of brand value.
Companies recognized that data on employee’s home computers can become vulnerable if any of the following issues occurred:
These are few of the issues that could make data vulnerable. We recommend that the data management team closely look at how data is managed by remote employees and find additional methods that data can become accessible.
Once this review is complete, organizations should institute guidelines on how an employee should handle and protect a company’s data. The regulations could include the following and any additional guidelines recommended by the data management team:
The office work environment could change dramatically due to this pandemic and, as NPR reported, may change forever4. Each organization should reexamine their data security policy and ensure it effectively manages remote workers and data stored on home office equipment. The organizations should then institute procedures for remote workers to follow to effectively manage sensitive data. All employees and managers should be trained on these regulations and proper data management should be a portion of every organizations annual review. Effective data management improvements could decrease exposure to data breaches and other data security events.
Contact WipeDrive at 801.224.8900 for more information on data security and data erasure products.