As the stay-at-home restrictions begin to lift, it is obvious that many office environments and workplaces will not return to the way they were. A recent Gartner survey of 229 HR leaders and additional analysis revealed that “41% of employees are likely to work remotely at least some of the time.” Forbes reported that an MIT survey uncovered that potentially “half the U.S. workforce might now be remote workers.”
Remote Technology Brings New Risks
All re-open plans need to include a review of the business’ technology, procedures, and cyber insurance coverage. Now, each computer, in each home, bring individual risks regarding data security. Work-at-home employees must be diligent with their internet security, such as the router name and password, and firewall. If an employee is using their own computer or laptop, that brings even more exposures.
Other security risks include who is at home with the employee, how often they are in view of the computer screen, and if they can use the company’s computer. Policies are important; however, they may be difficult to enforce.
These risks are also going to affect a cyber insurance policy. Although business insurance is to help businesses mitigate their risks, they are not substitutes for good business practices. Regardless of the size of the organization and if there’s a designated IT department, it is the owner’s or the executive team’s responsibility to communicate the importance of adhering to new technology procedures and policies.
Cloud-Based SaaS Can Help Reduce Risks
The ability to work remotely is supported by the numerous cloud-based platforms and tools that most employees use daily. The terms of cyber insurance policies typically require proof that a business is using responsible companies in selecting their SaaS (software-as-a-service) tools. Since all the business’s important data, and in some cases, confidential data is housed on multiple SaaS platforms, these tools need to be transparent with their own security processes and procedures.
Additionally, companies have more control over SaaS platforms. System Administrators can usually see questionable activity and either log users off the system, or completely remove their access remotely.
New Risks Around the Corner
Some SaaS tools, such as Zoom, have opened new risks that were previously under the radar for businesses. Four months ago, occasional video conference calls didn’t attract hackers. Now, video conference calls happen multiple times a day, and topics include just about everything you need to talk about to run a business, such as financial decisions, trade secrets, and continuity plans. These conversations, that used to take place behind closed doors are now cloud-based and vulnerable.
Computer viruses and ransomware are old risks that have now become new risks. IT departments that had become diligent with their in-office security may now have to re-evaluate their tactics for long-distance management.
Often a good cyber insurance policy will include access to valuable risk management resources that can include a hotline to call in the event of a suspected breach, assistance in developing an IT security plan, and webinars and instructive materials to share with employees on a continuing basis to ensure that they are aware of the potential threats and how to avoid them.
As businesses plan to re-open, re-evaluating their cyber insurance coverage should part of their strategies as they may need a new policy for their new way of doing business.