By John Lloyd

 


After what seems like an interminable time, those in charge have decided to take a decidedly old school approach in order to achieve success in an intimidating modern world scenario… but that is enough about the plot of Top Gun: Maverick. It cannot have escaped anyone’s attention that there is a lively debate being conducted in offices and homes across the land about the return to the workplace. Even the Catholic Bishops’ Conference of England and Wales has restored the obligation to attend church on a Sunday. Nowadays it seems only the Queen gets to choose whether or not she turns up to work events.

As we found when the pandemic drove everyone to reorganise their bookshelves in a desperate bid to look more intellectual/driven/cool/literate when on a Zoom/Teams/Hangout/FaceTime call, there are data protection risks associated with any change in circumstances. As everyone weighs up the pros and cons of the return to the office, whether full time, part time or only occasionally to check that your colleagues had not actually been replaced by deep fakes, there are a few things to bear in mind as we all look ahead to the sunlit uplands of the post-pandemic world (if you discount the rising inflation, wars around the world and British summer weather).

Whatever decision you make (or have imposed upon you) about where you will be working, consider the following aspects of how you will work from now on.

What are the new rules? It turns out the new rules are in fact the same as the old rules, since one thing the pandemic failed to change was the basic principles of how to behave respectfully and appropriately. I am only talking about data, of course: clearly everything else went out of the window. Perhaps the more pertinent question is: what have we forgotten about working life, apart from how to tie shoelaces?

Old working from home habits die hard so it might take a little more effort to restore the muscle memory of locking your computer when away from your desk, for example (also avoiding the cheeky ‘next round’s on me’ e-mail to all from a well-wishing neighbour).

Similarly, shoulder surfing may be more likely when there is actually someone else who cares about what you are up to in the same room. Or, for that matter, on the bus or train on the way to work. (Or, if you are really lucky, in an airport lounge like the one where I once watched a Big Four consultant preparing a presentation on cyber security…)

We have warned previously about the increased prevalence of phishing and ransomware attacks, both during the pandemic and latterly especially from state actors. Such attacks will not stop and the risks may even be increased when people are split between office and home. How easy is it to check that the last e-mail did come from Finance? Never fear a light challenge in the name of data protection: act in haste, repent at leisure.

If you are back in the office, there is some merit in remembering the old ways: no, not telex and pagers but the simple virtues of talking to people rather than using (often less secure) electronic communications channels. Take that Finance request – how easy it would be to pick up the phone to check its validity or saunter over to the finance desk (assuming they are not working from home this week)?

If you are going full hybrid, spare a thought for your colleagues, wherever they may be. Some of the greatest information security vulnerabilities come not from breaches of confidentiality but lack of availability of information. Do your colleagues have all the information they need to do their job? Are you sharing information with the right people? In 2020 you may have implemented the technological infrastructure to support remote working but, as people return to the office, is there support in place for a hybrid world?

If the office is still there, having been dormant for a couple of years, or if it is new, have you (re)tested all your continuity plans? It would be pretty galling to have everyone come back in for a celebratory barbecue only to discover the fire extinguishers had expired and watch the whole thing go up in flames. Hopefully the cloud will save most of your data from the smoke but these physical security measures have data protection implications. It is always worth running a few tests to make sure the situation is in hand.

The new(ish) normal presents a lot of opportunities for us all to work more creatively, flexibly and collaboratively. Doing all this safely should also make your collaboration more effective, efficient and enjoyable, whether at home and in the office or both. Wherever you are working, though, just remember that the key to success is not the box, but the pilot.

See below for links to other relevant material

If the reference to Cyber Security has you thinking, we've a 20-minute guide. It includes the key threats to be aware of, practical tips and guidance on how to keep your business protected and the 10 key questions your business should be considering.

The Securys 20-minute guide to cyber-security | Securys

If on reading this blog post, you feel your teams need training support, we can help. Click below to read more about the services we offer.

Training - Enterprise — Securys

Our recent Enterprise Insights article looks at the easiest tool to reduce your exposure – by getting rid of data you no longer need. Click below to read how.

Stop hoarding! | Securys