During the COVID-19 pandemic, technology has proven to be invaluable in allowing organisations to stay as connected as possible. Video chat software and apps have been particularly useful, as employees have been able to continue to attend virtual meetings and feel a sense of connection to their co-workers while working remotely.
But, while video conferences have been useful for many organisations across a wide variety of industries, the increased use of technology also means increased cyber-risks. With employees working from home, and therefore potentially lacking the same cyber-security protections that your workplace may have, it is important that your organisation take precautions to ensure that the use of video conference software is safe. Take these steps in order to protect the data of your employees and your organisation:
As technology becomes more integrated into the workplace, good cyber-security practices are increasingly important. Contact us today to learn about cyber-insurance solutions.
Your organisation’s data and intellectual property are invaluable resources, but they also present a tempting target for cyber-attacks. If your systems are compromised, there may be irreparable harm done to your organisation’s finances, reputation and future. One of the most important steps in addressing cyber-risks is regulating what information is accessible, and by whom.
Many cyber-attacks occur due to a user’s account being hacked or compromised. With that in mind, your organisation should take steps to limit how much access each user on your network has. By doing this, employees and other users will not be able to access information that they should not be privy to and, if hacked, the attacker will not have as much access to your systems.
Take the following steps in order to maintain proper user access:
On 1st April 2020, the Supreme Court handed down a ruling that could influence the future of group litigation stemming from data breaches.
In the case of Various Claimants versus WM Morrisons Supermarkets, the court ruled that the company was not vicariously liable for a 2014 data breach that exposed the personal details of nearly 100,000 employees. The breach was caused by a former employee, who posted the information online.
Previously, the High Court had found that Morrisons was vicariously liable for the breach, but not directly liable. Under established law, an employer is vicariously liable for actions committed by an employee who was acting within their ‘field of activities’.
However, upon appeal, the Supreme Court overruled that decision, finding that the employee in question had not been acting within their normal duties, and had instead been carrying out a personal vendetta.
It is worth noting that this data breach occurred prior to the 2018 implementation of the General Data Protection Regulation (GDPR). While the Morrisons case was ruled upon based on the Breach of the Data Protection Act 1998 (DPA 1998), for future cases and those occurring after 25th May 2018, the GDPR will apply.
Regardless of the recent ruling, it remains of the utmost importance that employers take the necessary steps to protect their data. In Morrisons’ case, lower courts found no fault in their cyber-security measures. As such, the case was judged entirely based on the actions of the employee. However, had the organisation’s security measures been found to be faulty, the outcome of the case may have been different.