Why monitoring staff is vital for data security during Covid-19
How important is it to monitor staff when they are working remotely?
At a time when the majority of people are locked down due to the Covid-19 crisis, companies need to be sure that their security is maintained – so monitoring is vital.
This is not about checking up on whether employees are working productively or swinging the lead.
It’s about monitoring their connections so that data breaches cannot occur – as well as ensuring that staff are able to work properly and efficiently.
Whether your company infrastructure is on-premise or in the cloud, secure connectivity is critical. Access control must be through SSL-VPN encrypted tunnels and the firewall must be able to handle the number of connections now coming in from homes.
I know one customer with a four-year-old firewall that usually handled around 30 connections as most people worked in the office.
Suddenly, with 100 connections coming in from remote working, we had to increase their throughput by 16x so there would be no drop-outs, buffering or hanging connections and people were able to do their work effectively.
Most companies’ corporate networks are of a high standard, but outside connectivity becomes an uncontrolled environment, dependent on the right hardware, broadband connections and proper encryption.
Monitoring is not only vital, but a legal requirement: in order to comply with GDPR regulations and avoid a fine from the Data Protection Commission, business owners must be able to show precisely what happened and on whose computer.
Privacy by Design
Implementing security decisions with privacy by design and reporting by design built into them is key. A user’s location should not dictate the ability of the business owner to fulfil this critical obligation.
Now is the time to stop and think about core staff, whether they have issues in equipment or their broadband connection and get them fixed. If the broadband doesn’t work very well, change the provider.
I've heard of staff complaining that their printer doesn’t work, only for the engineer to discover that it is over two decades old and will never work in the modern world. Get a new printer or save the environment and don’t print! Get set-up and tested.
This pandemic is a wake-up call for any company that doesn’t have a Disaster Recovery and Business Continuity Plan: the new reality is that security cannot be compromised, everything should be easy, secure and reportable.
Staff should be made aware of what monitoring is taking place and why, it should be an open part of the contract-signing and induction processes.
On the productivity side, there are a number of trackers that can be implemented. Microsoft Teams has the ability to show presence, which can be a light way to see if someone is online or not.
Office 365 also has reporting in place for application and network usage which also provide reporting. That said, it has been our experience that business owners do not require this level of reporting as users are well aware of the tracking and monitoring that is in place.
The issue for business owners is that their employees are delivering their workloads and doing what they need to do.
For more information on how Ortus can help you manage security, click here.