Telework and data protection
Telework and data protection
In this article we will analyze the implications of Telework and Data Protection, without forgetting Cybersecurity.
Since a few months ago, teleworking has become the way of working for many of us, due to the confinement situation we are living.
Introduction
Teleworking consists of working outside the company’s facilities, using new technologies and means of communication to fulfill our work obligations.
Seen in this light, it has many advantages such as schedule flexibility, reduced travel time, greater freedom of clothing, savings in image and transportation costs…
However, it is important to be aware of the risks that this way of working entails without forgetting the relationship between Teleworking and data protection. data protection and information security.
Questions
At the headquarters of Business Adapter Data Protection in Valencia, there are many customers who are concerned about these issues because they are aware that working remotely Many customers are concerned about these issues because they are aware that working remotely implies in most of our actions that the information that was previously safeguarded in the company’s computers and servers, protected by corporate security measures, now has to be available on devices that are even for personal use, so the risks of loss, hacking or misuse increase.
Data protection and teleworking
Working remotely implies the same responsibilities as if we were working in the corporate facilities, and therefore, applying the same security measures for our information.
In relation to Telework and Data Protection, we have to follow the obligations set out in the RGPD and the LOPD-GDD related to data processing and recommendations for teleworking published by different organizations such as the AEPD, INCIBE or the CCNWe pay special attention to the security measures implemented by our company, so that we can continue to respect them even when we are away from our natural habitat of work.
Let us not forget, as a main point, the issue of confidentiality with our service providers, a circumstance that must be reflected in the service provision contract.
Telework and cybersecurity
Equally important is the existence of a Cybersecurity Policy in the company, covering, in general terms, the following points:
- Have a secure Internet connection, preferably using a virtual private network (VPN).
- Determine the requirements for the secure use of Wi-Fi networks and external networks.
- Prioritize the use of corporate devices. If personal devices are to be used, implement essential security measures.
- Access control to corporate information, according to previously registered authorizations.
- Secure access to devices through strong passwords and two-factor authentication.
- Updating of operating systems, antivirus and all applications in use, in order to minimize risks with respect to cyber threats.
- Encryption of information and information carriers.
- Perform frequent backups(best daily, automatic and encrypted backups).
- Responsible attitude towards malicious or unidentified e-mails, as well as unrecognized attachments.
- Take precautions if working in the cloud or with videoconferencing applications.
- Confidential destruction of paper documents.
Incidents
The communication of any incident or problem that arises when working is crucial to maintain an optimum level of security and service and guaranteed customer service, so that the appropriate channels must be established to report incidents that occur and attend to them as soon as possible.
Training
In addition, it is very important to develop a culture of data protection. data protection and security culture and security in companies, because in the end, those responsible for the lawful processing and security of information are the users themselves, in this case, the employees.
Secure Telework Guide
If you want our Secure Teleworking Guide and to comply with the European and Spanish Data Protection Law please do not hesitate to contact us here.
Business Adapter Legal Department