As remote work becomes an ongoing and long-term workplace option, employers should start thinking beyond workplace collaboration and IT security to include legal risks of managing a remote workforce. C-suite executives need to consider a range of risk management and compliance issues, as well as their approach to securing confidential information.
We recently partnered with the team at Hoge Fenton to discuss the topic. In a wide-ranging discussion, the Hoge Fenton team covered best practices employers should have in place to manage legal risks and otherwise comply with laws. Joe Foos, Development Director at ZAG, also discussed how employers can secure and protect their confidential information and remote team.
“So many times we talk to customers and they tell us, ‘Do we really have to worry about that?’ and the first thing I say is, ‘Have you talked to a lawyer about this recently?'”
— Joe Foos, ZAG Technical Services
If you haven’t considered the legal risk associated with remote work, we encourage you to watch the video embedded below. As Sarju Naran, Chair of Hoge Fenton’s Employment Law practice group said, “If you’ve got a distributed team, and many companies do, make sure you understand what your obligations are in each of the cities your employees work in.”
Personal devices and home networks
An important concept that Joe emphasized was the risks that come with personal devices and home networks. He noted that, “When it comes to home networks in general, they are not secure. More often than not, the employee will share their home network with their family or housemates. Employers cannot monitor all of the events that occur on a home network like they can a corporate network. Anything that people do on the same internet service that you are doing your work on is a risk. If at all possible, separate your home internet service from your work internet service.”
People often feel this is not important because they have a VPN, but that is not the case. VPNs can have vulnerabilities and entry points that hackers can target, and of course social engineering and phishing is an increasing threat.
“The employees are human and subject to error. As we all are. We really do need to automate a lot of our security practices.”
Now that the rush is over, what’s next?
Joe goes in-depth about the way businesses implemented remote access to allow employees to work from home. He noted that, “Most companies were not expecting to do this in a big hurry. They did everything they could as quickly as possible, and as a result we encounter a lot of [issues].” Joe lays out some excellent preventative tips to minimize these sorts of risks.
“Employers have a real concern with the remote workforce because they have to trust their employees with trade secrets, other intellectual property, confidential, and personal information.”
— Stephanie Sparks, Shareholder and Chair, Privacy and Data Security Team, Hoge Fenton
Addressing the legal risks that come with managing a remote workforce is not something that many executives needed to consider, until now. The ZAG and Hoge Fenton webinar above lays out the best practices to minimize any risk presented by working from home. It provides you with ways you can ensure your company is meeting the compliance laws set forth by local, state, and federal governments.
If you have any questions about the topics discussed in the call, reach out to our team today.