Data protection guidance for those remote working
With a vast majority of people in the property industry working remotely and whilst individual safety is at top of their priorities, agents and business owners must also be aware of the safety of their data and data protection during the crisis.
Ensure all security protection is up to date
Home-working employees may have security software installed at a device level, however, it is imperative that this and device encryption, firewalls and web filtering is too. Business owners offering employees to work from home should provide devices that meet this criterion or check other devices used are meeting the requirements.
As part of company IT policies employees should also make sure any updates required are done regularly if this isn’t done as standard. Make use of network monitoring software.
If software is used to monitor the security of a network this will help to identify any potential threats. By monitoring any problems caused by overloaded or crashed servers, or network connections, it is just another way to ensure that systems are secure for remote workers. Keeping network security to a maximum will help to continue to keep cybercriminals out.
Keep mobile devices and laptops safe
Lost and stolen mobile devices and laptops are easy pickings for cybercriminals if insufficient security measures are in place. The first line of defence is to look after them – always keep them in sight when in use, and never leave them in a vehicle.
Working from home is a very different setup to the usual office environment, family members, flatmates, and even pets can pose a data security risk that may not have been considered.
An inquisitive child or pet could cause problems – make sure devices are locked if left unattended, and out of reach at other times.
Any phone calls or online team meetings shouldn’t be overheard, particularly if the work being discussed is business-critical or sensitive. Make sure the user is the only one who can see the screen.
Strong passwords will protect business systems if a device is lost or stolen. They also protect businesses from cybercrime. Good password hygiene and best practice includes using multi-character passwords, two-factor authentication, and not re-using passwords.
Encryption and robust management of corporate email is a must. Both the company and the individual have a role to play. Making sure the network is secure, using systems such as Mimecast, is key, but staff must also be aware of email best practice. This includes spotting scam emails, what data must not be sent by email, and email etiquette.
USBs and other removable devices can contain malware and should be checked first. Many USBs that are given away free or obtained from an event may be infected, often unbeknown to those providing them. Never plug an unknown or shared USB into a computer. Use facilities such as Sharepoint for sharing information.
If it is necessary to take personal data home, ensure it is in a lockable storage unit. Do not leave any paperwork in a vehicle or lying around in the home, it must be locked away securely at all times.
Propertymark offers online training and members can access our fact sheet and checklist. Our legal helpline is also there to assist.
Kindly shared by NAEA Propertymark