By now, COVID-19’s stress tested the teleworking facilities of most, if not all, organisations. In a time of “social distancing”, technology’s key to staying connected, which is vital for business continuity.
How can you use technology to help better eliminate bottlenecks in processes and facilitate communication with customers, business partners and employees? And how can you avoid being exposed to greater cybersecurity risks as your communication opens up and processes are increasingly automated to cope?
Just like in other crises, we’re seeing hackers exploit these times of change and uncertainty for malevolent purposes. There’s a big surge in phishing emails, attempts to compromise business email and use of malware to harvest user credentials or demanding payment. In light of these challenges, all businesses must revisit their (cyber)security policies and measures and maintain a sound cyber team on call, or ask their IT partners to do so.
Times of change and uncertainty shouldn’t preclude organisations from operating based on their values as well as applicable laws and regulations, including the privacy of their workforce and business stakeholders.
To mitigate the impact of COVID-19, organisations may need to process more (personal) data or process it differently, e.g. collect information about a possibly affected workforce or process data to monitor the whereabouts of teams to protect the security and safety of its people and broader business. While principles such as proportionality, lawfulness, transparency and security continue to apply, the General Data Protection Regulation (GDPR) provides a certain level of flexibility under its risk-based approach to enable companies to take on the crisis and challenges of today while remaining in compliance with data protection and privacy rules.