With many more people working from home during the COVID-19 pandemic, sensitive data may need to be kept safe in a different, less controlled environment – so, how can home offices be made more secure?
With thousands of people now doing their jobs from home, during this time of crisis, data security is a huge concern. Most people would not, normally, be handling sensitive information away from the office environment – where security is, probably, much more strict and structured – but, in this unprecedented situation, many of us have to. Within the office, data is increasingly being digitised; this has been driven, in large part, by the Making Tax Digital (MTD) initiative. Since it was announced, MTD has highlighted the importance of knowing where all your data is and how it’s stored, as its aim is to ensure businesses and individuals get their tax right first time.
As well as making it easier for both ourselves and HMRC to process this information, digitisation reduces paper waste and increases security. Digitising your data saves time and money, ensures the easy retrieval of information and a full ‘paper’ trail, and allows the sharing of information. There are also legal elements to consider, such as the General Data Protection Regulation (GDPR), which requires businesses to produce and/or destroy data when requested by an individual – this can only be adhered to if you know exactly where all of that data is.
You may think that digitisation of important documents isn’t a priority, right now – but, actually, digitisation and secure storage will allow businesses to continue running as normally as possible. Work still needs to be scanned, shared and stored in a safe and secure place – not just online, but now within the home office – and home offices are, by no means, secure areas, so security here is a huge concern that mustn’t be overlooked.
Better document management within the home
Managing your own work – and, if you’re a manager or team leader, other peoples’ work – within the home office can be challenging, and sensitive data shouldn’t be left easily accessible regardless of the current COVID lockdown situation. Any business knows that mismanagement of documentation can lead to serious GDPR issues such as data breaches, fines, imprisonment – or even a company’s closure – so it’s not an area to overlook in any situation. The six principles of Data Protection, as outlined by Fellowes, are:
- Data must be processed lawfully, fairly, and in a transparent way.
- It must be collected for specified, explicit, and legitimate purposes and not be subsequently processed in a way that goes against those initial purposes.
- It must be adequate, relevant, and limited to what is necessary.
- It must be accurate and up-to-date; inaccuracies should be processed, erased, or rectified without delay.
- It must be kept for no longer than is necessary.
- It must be processed securely.
If you don’t have, at the very least, security software on your laptop – invest in it now. Additionally, any home office should have access to an encrypted memory stick or an external hard drive or a other secure storage device – such as a memory card – with restricted access for very sensitive data.
Any physical data kept at home should, ideally, be digitised, when possible, using scanning technology and restricted cloud storage. Documentation still needs to be archived for a certain length of time, and this strange lockdown period is no exception. Lockable cabinets, sets of drawers and customisable storage boxes, as well as colour-coded files, labels and wallets, are a must to make sure any documentation is kept organised and safe during a time when the ordinary office environment isn’t accessible.
An important element of data security is its destruction – a vital part of the document life cycle and a necessity for any business. Not only can your customers request that their data be destroyed, thanks to GDPR, but certain types of documentation has to be shredded to the minimum legal requirement by law, such as CVs from job applicants and personal information relating to previous employees. Many offices have large shredding units that can handle a huge amount of paper at a time but, within the home, we have to do what we can with smaller, individual units that can guarantee you have performed your legal duty in properly destroying any sensitive physical paper information.
You may think that your own home office is, automatically, safe and secure – but considerations must still be made, as with any environment, in relation to the security of your day-to-day data.