The ICO has published ‘Working from home – security checklists for employers‘ which advises that time should be taken to ensure that homeworking solutions are being used securely. General principles include: (a) have clear policies, procedures & guidance for staff who are remote working; (b) use the most up-to-date version of the remote access solution; (c) staff have been reminded to use unique and complex passwords; and (d) check that multi-factor authentication is available and configured it where possible. Advice and checks to be made is provided under the headings: bring your own device, cloud storage, remote desktop, remote access to corporate software applications and email. For example, under ‘email’ employers should check that National Cyber Security Centre guidance on defending against phishing attacks has been implemented and staff have been advised to use corporate email solutions only and not to use their own accounts for the storage or transmission of personal data.
ICO provides security checklists to employers for staff working from home
Article by: Makbool Javaid, Partner - Simons Muirhead & Burton |