Perils of remote-working from the use of technology for all stakeholders

Thanks to the evolution of internet tools that allow us to do things like video chat, conference calls, web presentations, and webinars, businesses and entrepreneurs are leveraging these tools as a means to keep business flowing in the absence of meetings and events.

According to Kate Lister, president of Global Workplace Analytics, 56% of the U.S. workforce holds a job that is compatible (at least partially) with remote work. Post-COVID, she predicts that the percentage of workers could increase to a quarter of the entire workforce population.

Our best estimate is that 25-30% of the workforce will be working-from-home multiple days a week by the end of 2021.

Kate Lister, President of Global Workplace Analytics

Some businesses have fully embraced this “new normal” as the way of the future. Based on a recent report from Gartner, nearly three in four CFOs plan to shift at least 5% of previously on-site employees to permanently remote-work positions post-COVID 19. This month, after announcing that Twitter will adopt a permanent remote-work policy, CEO, Jack Dorsey recently extended the same courtesy to Square employees.

Source: Gartner (April 2020)

Technology has also made working from home ubiquitous for members of the distributed workforce. Although there are obvious benefits for both employees and employers, preparation and controlled execution is key to mitigating all kinds of risks that can ruin a good plan.

Cybersecurity & data breach

Security has been a critical issue for years.  We’ve all seen the headlines of data breaches occurring at large enterprises like Yahoo, Equifax, etc.  When working from home or somewhere other than a corporate location, a whole new set of parameters comes into play.

In recent Forbes article, the Forbes Technology Council recently shared its 15 Effective Cybersecurity Strategies for Your Remote Workforce. The recommendations were published to help your remote workforce adapt to and comply with cybersecurity measures that are designed to protect sensitive company data from hackers.

When planning, employers should begin with the following questions:

• Do remote workers have a secure Wi-Fi connection?
• Are employees using their personal devices and versions of software to connect with colleagues, or are they using the company’s virtual private network?
• If they have a tech support problem and think their security has been compromised, how do employees reach the help desk?

Phishing threats

The great thing about email is that it allows you to exchange messages anytime, anywhere, with anyone. The bad thing about email is that it allows you to exchange messages anytime, anywhere, with anyone.

We are hearing from many clients and law enforcement that the level of cyberattacks, phishing attempts and scams occurring in light of COVID-19 has grown dramatically

Miriam Wugmeister, Partner and co-chair of law firm Morrison & Foerster

Phishing attacks are purposeful and deliberate. In practice, phishing attacks must be profitable for the perpetrator. Attempts to gain your confidence aren’t targeted exclusively against the elderly, but possibly a distracted multitasker. The act begins with a bad actor sends an email disguised as an authentic or from a trusted party with the intent of stealing information.

Liability starts when you’ve done little or nothing to protect this from happening after an event. Even if a remote worker is using a personal device, access to secure business data can be acquired through malicious code or other confidence-gaining techniques.

Online activity

Creating engaging content for prospects, suppliers, and partners which help to drive sales requires being virtually everywhere your audience is present online to remain competitive. Often, it includes interacting with others via comments on a thread or in a chat session. It’s important to be aware however, that what’s said online, stays online (whether it’s virtuous or nefarious).

Legal liability can occur when a simple line of text in a conversation, advertisement, or image carries the potential to be false, harmful, or infringing. Not saying that it’s less likely to happen on the company’s business premises but, generally, in a more controlled business environment, support systems and, security training exists that can help curb the perception of independence and freedom to speak one’s mind when the lines get blurred under a live/work environment.

Web conferencing

The recent spike in the use of Zoom has put a spotlight on the vulnerabilities associated with web conferencing exploits. SecurityBoulavard defines Zoombombing as “When an unauthorized person or stranger joins a Zoom meeting/chat session and cause disorder by saying offensive things and even photobombing your meeting by sharing pornographic and hate images.”

Although Zoombombing is specific to Zoom’s platform, the act itself demonstrates the need for security hardening to avoid potential information leak as well as brute force attacks elsewhere.

What’s next?

The Covid-19 pandemic has forced everyone in the workplace to quickly ramp up their understanding and knowledge of the risks that exist in a remote working landscape. Yes, there are traps and potholes on the road to avoid but, the future is promising and prosperous.

When evaluating insurance coverage for potential losses due to remote work activity, businesses will need to make sure that they understand exactly what the policy terms mean and what events will and/or won’t trigger a claim. For instance, will it cover regulatory fines, third-party indemnity, business loss, business interruption, etc.?

Beard|Daily can help you close the gaps that may be present in your existing coverage, help you identify vulnerabilities, and navigate the risks as we enter a post-COVID economy.