The COVID-19 pandemic has supercharged the work-at-home model, thrusting many companies into a suddenly distributed work force without the proper preparations, leaving their valuable IP at risk. Are you taking the proper steps to protect your IP?
Think for a moment about information vital to your business and maintaining your competitive edge, namely your employees, customer lists, R&D, new products, new systems, good financial news, and bad news. What would happen to your company’s future success or your brand if these were compromised or exposed? What do you know about your employee’s work-from-home setting? Who can overhear conversations? Is there an Amazon Echo or Google Home in the room where your employee works? Are they using a shared printer on a home WiFi network? Do they have personal and business accounts on the same device? Is the remote camera always turned on? Have they left a laptop and work papers on the dining room table?
We know secure infrastructure, encryption, and authorized access measures are essential, but people are the heart of the matter. Beyond a remote security strategy, companies need to put processes and protocols in place and regularly educate their workforce about following them. This can’t be a “one and done” effort, as work habits will change again in the months ahead. As sheltering in place eases, the propensity for your employee’s work activity to shift from “at home” to other private and public locations is high. How do you feel about employees with sensitive information working from coffee shops, a nearby park, their friend’s house, or a vacation spot?
Taking action is important. Here are some ways to get started. Set your policies for working remotely with well-defined rules about acceptable and prohibited behaviors. The clearer you can make the do’s and don’ts the better. Keep them up-to-date and remind your workers often. Case in point: phishing and other email scams are on the rise and capitalizing on the COVID-19 crisis. Is that email from the CEO legitimate or fake? Education is the best prevention to avert issues, staying current and promoting awareness is important.
Some companies require employees to sign confidentiality and remote work agreements. They are good steps, but by themselves may not be enough unless coupled with solid practices of classifying information as sensitive, confidential, private, etc., and being clear about who in your company has permission to see and share it. It is hard to enforce a confidentiality agreement if confidential information isn’t defined. Furthermore, this may mean improving IT security and more diligent use of role-based access, as well as adding password and protection levels on files and documents.
The stress on our workforce from the pandemic is very high. What steps are you taking to keep your employees engaged and assured? It is no secret happy employees will be more likely to keep the company’s information confidential. Employees that are disgruntled or feeling abandoned are not. Now is the time to communicate with your teams, stay connected and maintain camaraderie.
Keeping track of and protecting our IP is getting more complex, and the human and technology aspects of the equation need to be balanced. Time is of the essence to educate the workforce about the good and bad behaviors to avoid breaches and keep our IP out of the hands of the wrong people. Many companies with a remote workforce model have addressed their security and IP protections and were in a better position when COVID-19 hit. This doesn’t happen overnight, so seek out the specialists, prepare to budget money, and get moving.