Devin Partida writes about cyber security and technology. She is also the Editor-in-Chief of ReHack.com.
Some companies are quickly trying to adapt to new privacy policies. However, businesses are not taking enough time to consider possible solutions to comply with data privacy protection for remote employees.
Data and security workplace privacy
Many risks pose potential problems due to the lack of policies for cyber security. In 2020, the FBI’s Internet Crime Complaint Center reported an increase of 69% in complaints compared to 2019. These complaints were due to the increased risks of ransomware attacks on remote workers.
Privacy laws matter when it comes to protecting personal information. Some of these types of sensitive information include bank accounts, passwords, addresses, and social security numbers. As an employer, data privacy protection and policies should remain a high priority, especially if remote workers can access information remotely.
For all businesses that manage a remote work team or teams, data and privacy protection should be one of the biggest concerns. First, there are a few issues at hand that businesses can take into consideration.
Companies can use software products that disable features such as copy and paste. These products contain features that enable employers to use this feature over the cloud to users’ home computers. However, organizations that prepare for these situations still allow employees to access the corporation’s VPN (virtual private network).
Businesses are also enabling employees to use their personal computers and phones to do their work. With these issues in mind, a breach of sensitive data and access to confidential information remains on the line.
These issues increase the risks in how remote workers handle this information for customers, prospects, and employees. Federal and state privacy laws place restrictions on the storage of specific data. However, companies that store sensitive data must limit the use and disclosure of private information and must securely delete data after it is no longer needed.
Tracking remote employee productivity
Larger companies are using some form of monitoring approach to track remote workers by reading emails and messages on social media and gathering data. Corporate executives can have access to this type of information through vendor reports. Employers use this information to learn about their remote workers to help improve their productivity at home.
Other activities employers are tracking include instant messaging services like Slack and Zoom video conferencing calls. Zoom had a monitoring feature that enabled employers to check if the Zoom app is in focus. The company faced a ton of scrutiny for this tracking feature before removing it entirely.
Remote employee and employer privacy rights
Employers can claim they are using these tactics to track employee productivity. Although, the controversies associated with storing secretive information and data breaches are still the primary concern. Regarding privacy protection for remote workers, laws are still under debate as the concept of working from home is relatively new. Essentially, remote employees have very few rights at the moment, and federal and state laws are a work in progress.
However, the ECPA (Electronic Communications Privacy Act) of 1986 protects email and phone conversations that are electronically stored. Nevertheless, the ECPA does not cover employee privacy protection from an employer.
- Most remote employees have unsecured home networks. Ensure employees can connect to a secure network using a VPN with a multi-factor authentication login.
- When employees connect to the company’s network, require that they use anti-virus software and make sure it’s up-to-date.
- Factor in employee training every month so all employees have the latest knowledge of new protocols.
- Use email scanning software to identify phishing emails to prevent hackers from requesting sensitive information.
- The transmission of sensitive data should have encryption locked in place to avoid breaches.
Emerging precedents and responsibilities
Companies and employees need to be aware of how remote environments change their levels of personal security and privacy. Although few privacy laws are in place, companies should take measures into their own hands to protect their business and its employees. In short, organizations in all industries must remain vigilant, since remote work is here to stay for the long haul.
Discover more cyber security insights and analysis when you sign up for the Cyber Talk newsletter.
Disclaimer: The views and information expressed in this article belong to the author and are not necessarily held by CyberTalk.org or Check Point Software.