The ICO has published ‘Working from home – security checklists for employers‘ which advises that time should be taken to ensure that homeworking solutions are being used securely. General principles include: (a) have clear policies, procedures & guidance for staff who are remote working; (b) use the most up-to-date version of the remote access solution; (c) staff have been reminded to use unique and complex passwords; and (d) check that multi-factor authentication is available and configured it where possible. Advice and checks to be made is provided under the headings: bring your own device, cloud storage, remote desktop, remote access to corporate software applications and email. For example, under ‘email’ employers should check that National Cyber Security Centre guidance on defending against phishing attacks has been implemented and staff have been advised to use corporate email solutions only and not to use their own accounts for the storage or transmission of personal data.
This provides summary information and comment on the subject areas covered. Where employment tribunal and appellate court cases are reported, the information does not set out all of the facts, the legal arguments presented and the judgments made in every aspect of the case. Employment law is subject to constant change either by statute or by interpretation by the courts. While every care has been taken in compiling this information, we cannot be held responsible for any errors or omissions. Specialist legal advice must be taken on any legal issues that may arise before embarking upon any formal course of action.
