5 Post-Lockdown Data Security Tips For Businesses
In March, the Government-imposed lockdown pretty much brought the country to a standstill. Businesses had to shut, manufacturing slowed and some industries like tourism and hospitality were adversely affected by these new regulations. Some businesses were able to set their workforce up to work remotely, while others had to furlough many of their employees. These unprecedented measures sent shockwaves through the national economy.
But now we’re nearly four months down the line and businesses are slowly beginning to open back up. Despite the Government and employers encouraging staff to continue working from home where possible, there does appear to be light at the end of the tunnel. While this is great news for business owners and professionals who want to get things back up and running, it has thrown up some major security issues and if not dealt with correctly, organisations could find themselves falling victim to a security nightmare.
So the question for many businesses and their teams is, what can we do to protect our data and cybersecurity once lockdown has been lifted? As the country prepares to return to some sort of normality (albeit a different a very different reality to our pre-lockdown lives), we’re here to help make the transition a little bit easier. Read on to find out more about our top post-lockdown data security tips for keeping your business safe.
- Have a digital cleanup
First thing’s first, you’re going to need to have a major cleanup and to get good digital hygiene processes in place. The rush to shut down the business and get the remote workforce set up meant that there has been some crossover between work and personal devices in many organisations. This presents a huge data security risk with many of these devices lacking VPNs or effective security systems, not to mention being vulnerable to prying eyes and family-use in the home.
For this reason, when staff return to work and bring back these same devices, they need a big digital cleanup before they can be plugged back into company systems. After all, imagine if a phone, laptop or memory stick has been compromised and infected with malware, only to be plugged into the office systems on the first day back. This could cause your systems to become compromised and offer hackers access to your company data.
The best way to ensure all devices have been effectively cleaned it to ask staff to run scans beforehand and ensure they’re free of malware or harmful content. They should also update their systems, including any security systems and be sure to empty their download and trash folders before plugging into any company systems.
- Change passwords
As everyone comes back into the office it’s a good idea to bolster your security efforts. One really simple but effective way to do this is to get everyone to change their passwords and create a strong new password. The logic behind this is that other people may have gained access to their passwords during lockdown, potentially even hackers or cybercriminals who may have exploited unsecured internet connections to get this information. You should make sure that going forward your business has a strong password policy in place, perhaps even encouraging two-factor authentication.
- Run a data security gap analysis
Look at returning to work after lockdown as a fresh start, this is your opportunity to update any old systems or policies and to reeducate staff about cybersecurity and data protection best practises. To kick start this, it’s a good idea to run a data security gap analysis. These gap analyses are used to highlight any weak or vulnerable areas of your security systems, so you can get measures in place to bolster your security and patch any gaps in your data protection efforts.
If you’ve never run a gap analysis before or if you want someone that is going to do a thorough and comprehensive job, you may want to hire a third-party to do this for you. This can ensure you’ve got the very best security systems in place and massively reduces the risk of a data breach in your company post-lockdown.
- Re-train and update all staff
As we briefly touched upon above, this is the perfect opportunity for you to reeducate staff on cybersecurity and data protection best practices. Whether they’ve been working from home or furloughed, it’s been a while since everyone was in the office and a lot has changed since then. As such, a refresher course on security is always beneficial.
Make sure you’ve got all the appropriate (and helpful) literature in place for staff to read through should they need advice. Circulate this amongst your team and make sure it’s saved somewhere they can access it at a later date should they need to. It can also be a good idea to run training sessions covering cybersecurity, data protection and related scams.
For example, one thing that has been popping up a lot during lockdown is phishing emails and phone scams related to Coronavirus. Sadly, cybercriminals saw this as an opportunity to target unsuspecting victims and prey on the uncertainty surrounding this virus. Teaching employees how to spot the signs of a scam and who to report suspicious behaviour too can massively reduce the risk of human error resulting in a data breach.
- Don’t undo your work
Finally, if you spent the first few weeks of lockdown frantically preparing your team to work remotely and getting new systems in place, don’t undo all of this hard work just because lockdown has lifted. We’re still living in uncertain times and should a second wave of the virus come, you may be forced to return some or all of your team to their remote positions. Not to mention if someone comes down with symptoms or comes in contact with someone who has them, they may need to self-isolate and work from home for a couple of weeks. As such, it’s a good idea to keep any remote working and data security systems you had in place, in case you need to rely on these at a later date.