Working from home is a revelation! But is it a headache for IT security?
No matter the industry you work in, working from home has been a fact of life for some or all of your employees. We have all had to adapt to the new normal. Managing children, working off the kitchen table and having to embrace new technologies are just some of the challenges we now face.
But, this also creates significant risks to a company’s infrastructure, systems and information. Companies needs to take precautions for the new way of working and associated risks involved. However, with the help of ISO 27001 information security management system, you can improve IT security, reduce risk and take advantage of the full benefits that home working brings.
Risks associated to home or out of office working
Working from home throws up many more risks than working from the confines of a company’s secure location (s). For instance, you could be exposed to the following risks:
- An employee’s family member could use the device and see sensitive information.
- Hardcopy material taken home could be lost or stolen.
- An old laptop or device may not have up to date software, malware or a anti-virus that could be exploited by criminals to access your company’s systems.
- Company Information can be intercepted due to poor WIFI security at home.
- Company data could be copied or stolen without anybody knowing.
- Homes with multiple occupants or shared communal area’s represent higher risk to company data.
It’s also important to point out that although all devices are at risk of being lost or stolen, the likelihood of a data breach is higher than working from the office.
ISO 27001 is a framework to minimise risks and improve IT security
Based on already-proven best practices, ISO 27001 controls help companies to handle out of office risks in various forms.
Through ISO27001 you can establish the rules for the implementation of safeguards to protect information accessed, processed, or stored outside your company, such as:
- What access rights are granted when working away from the office
- Which IT services are available and how are they monitored?
- How will IT concerns or data breaches be communicated
- What restrictions should be applied when downloading new apps or software
- How are devices protected or remotely locked?
Why choose NDC Certification?
As a leading certification company NDC aims to make ISO27001 certification as accessible as possible to business owners. We continually improve and adapt our auditing procedures and use latest technology to enable:
- Desktop auditing – cutting audit time by reviewing documentation remotely
- Reduced costs – travel and group meetings are minimised – improving staff productivity and internal resource. As well as your environmental footprint.
- Improved collaboration by using video conferencing tools such as Skype or Microsoft Teams
Already certified? Switch to NDC and cut audit fatigue
If you are already certified, then you may find that switching to NDC certification will not only provide cost savings but will also give you improved efficiencies over your current provider. Our new improved audit process will allow you get certified quicker, and save money by: –
- Uploading and sharing your ISO documentation with our lead auditors remotely
- Conduct stage one audit remotely, no need for us to attend site
- Conduct live audits via Skype or Microsoft Teams for home workers
- Invite attendees at set times – no waiting around for auditors
- Share evidence of conformity using web chats
- Conduct opening / closing meeting via video conferencing
- Use mobile devices, live streaming or video to conduct site tours
Our customers have reported significant savings in terms of time and resource by utilising technology, improved audit techniques and remote working.
For further information on ISO27001 or switching to our certification please contact us and request your free quote or speak with one of our team members.