Do Employees Work From Home? Review Company's Information Security Policy

Published: 19 March 2020 y., Thursday

Due to the introduction of quarantine in Lithuania because of the threat of the COVID-19 spread, the government recommended companies to move employees to remote mode. Work from home has many advantages, but at the same time raises many questions, especially in the field of information security.  Data leakage can lead to serious financial and reputational losses. Is the business ready for remote work?

Andrius Kiaune, specialist in information security risk assessment at Penkių kontinentų komunikacijų centras, a provider of ProfIT outsourcing IT services, says that everything depends on the information security policy of each organization.

“Company executives, before moving employees to the remote mode, must explain to them that information security in the telecommuting conditions consists of three components: knowledge of the rules, technical capabilities, and security awareness. These are interconnected links of one chain. Its reliability is very much determined by the weakest link in the chain,” says Andrius Kiaune.

For companies, using cloud services, it is easier to organize remote work. Information and data are stored on virtual servers (cloud) and, if the Internet is available, can be accessed in any place and at any time.

If a company stores information on a corporate server and has accurate access control, it is not easy to move employees to a remote mode of operation. It is necessary to provide employees with technical equipment.

The development of a strategy for transferring a company to a remote work should begin with an analysis of the information security policy and risk assessment.

Information security risk assessment is the process of identifying, resolving and preventing security problems in еhe following areas:

  • equipment used for work (computer, tablet, etc.);
  • information system for storing and processing data;
  • technologies for ensuring communication and security (VPN, firewall, two-factor authentication);
  • documentation describing the information security policy, which implies a set of measures, rules, and principles that guide employees in their daily practice to protect information resources.

The three key principles have become a foundation for information security:

1)      integrity (resistance to accidental or intentional destruction, unauthorized change);

2)      confidentiality (prevention against improper information modification or destruction by unauthorized users);

3)      availability (ensures that employees can access information whenever they need it).

Risk assessment allows you to make the functioning of information systems cost-effective, relevant and able to respond to threats. It may seem that in an emergency, it is too late to assess the risks of information security; however, the audit can be carried out even in quarantine mode, since there is no need for direct contact with customers for its implementation. The results can be discussed via videoconference.

ProfIT specialists provide comprehensive services for assessing information security risks: operational and technological audit, preparation of information security policies, staff training, etc.

Šaltinis: Penki kontinentai
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.

Facebook Comments

New comment


Captcha

Associated articles

Pandemic and Approaching Autumn Bring Viewers Back to TV Screens

Pandemic and self-isolation have changed our habits. Children and adults, practically locked at home, began to watch TV more often. According to fiber-optic network Penki, TV time has increased by 30 percent since this spring compared to the same period last year. more »

Related videos

05/02/2014

Padėkime augti

Security solutions for ATM is especially relevant in the African region

ATMeye.iQ is a software solution developed by BS/2 company, which is designed to secure ATMs and help resolve disputes with customers. more »

Towards innovation: Diebold Nixdorf and BS/2 discussed plans for 2022

On February 2, 2022, BS/2 executives met with representatives of Diebold Nixdorf. more »

Penki kontinentai group strengthens positions on the Georgian market

Penki Kontinentai is a payment terminal service provider. The company currently operates 30,000 terminals in Georgia. more »

Smart POS-terminals with COVID certificate scanning functionality

Managers and customers of Lithuanian catering establishments are already happy with the new payment devices, which can be used not only to accept payments with cards but also to verify national COVID certificates. more »

Android-based smart POS-terminals come to the Baltic market

ASHBURN International introduced to the market a modern solution for cashless payment acceptance. more »

Anar Gasimov - "We took the direction of digitalization

V International Banking Forum in Baku has come to an end. This year it was dedicated to cashless monetary circulation and brought together participants not only from Azerbaijan more »

Lithuanian ambassador to Azerbaijan promised to support Lithuanian business in the region

The V International Banking Forum started in Baku on December 8. more »

Banking industry trends of 2022 to be discussed in Baku

On December 8 and 9 Baku will host the V International Banking Forum. more »