How To Keep Your Data Safe In The New Digital Employment Environment

• Published date: 05 January 2021
• Subject Matter: Employment and HR, Privacy, Technology, Employee Rights/ Labour Relations, Data Protection, Security
• Law Firm: Maravela, Popescu & Asociatii
• Author: Mr Daniel Alexie and Cristina Crețu

1. Introduction

Using the digital environment for work related activities entails risks that are enhanced by the continuous digitisation of the society. Such risks include an increase in the number of cyberattacks that can lead to security breaches, including personal data breaches.

Therefore, it is important for companies to make sure that the risks mentioned above are contained and minimized.

As mentioned in our session on the new digital-centric employment environment at the GoTech World 2020 - Face the new reality event, more than half of Romanian companies intend to allow employees to work from home in the next 6 to 12 months, as a result of the Covid-19 pandemic.

In this context, it is obvious that the number of cybersecurity attacks targeting employees will increase. The main reason for this increase is the fact that most employees are not yet used to the new digital-centric employment environment and to the measures they should follow when working from home in order to keep company systems, information and personal data secure.

In this respect, companies need to understand and properly identify the relevant risks in order to implement the appropriate measures in order to mitigate the same. The responsibility lies not only with the company but also with its employees. At the same time, it is important to engage in a timely manner cybersecurity experts and lawyers specialized in data protection and cybersecurity in order to identify and understand the risks and implement adequate measures to mitigate the same.

2. The number of security breaches has increased during the COVID-19 pandemic

According to cybersecurity experts, the COVID-19 pandemic can be considered the largest-ever security threat to date, affecting all industries. The most targeted industries are the healthcare and financial ones.

The factors that determined the increase in cybersecurity attacks vary from industry to industry and from country to country. Nevertheless, there are some commonalities across industries, namely:

1. work is often carried out outside the secured infrastructure of the employer, from the employees' homes; therefore, instead of one secured centralized IT environment, there are now a plethora of individual and less secure IT environments used to conduct work that will be speculated by cyber-attackers;
2. employees are using unsecured and/or unencrypted devices (including unsecured wireless networks) to access work-related information;
3. insufficient use of virtual private...