After the advantages of home office became clear, one should still not rush anything.
Because even if the whole world feels that it is necessary to slow down the spread of the corona virus, there are unfortunately people, organizations and even authorities and companies who take advantage of this situation.
The corona crisis has stirred up many minds. Many entrepreneurs are interested in a quick solution, forgetting the daily dangers of digital data processing that existed before the corona virus. People's privacy is sometimes trampled underfoot.
Edward Snowden recently spoke personally about the Corona crisis. The whistleblower warns against surveillance measures introduced in the wake of the corona virus, which could lead to this regulation being adopted permanently in legislation.)
I personally found Edward Snowden's interview on the current corona crisis very exciting.
In this context, I do not wish to offend any company and will deliberately refrain from mentioning names. But I would like to take this opportunity to ask you to critically examine the situation and reports!
Natürlich wird aktuell kein Unternehmen zugeben, dass sie Kundendaten an Behörden oder Dritte weitergeben werden. Die Unternehmen und Behörden selbst haben aus der „Snowden-Affaire“ gelernt, agieren vorsichtiger und wissen ganz genau, dass die Menschen eine solche Meldung beunruhigen würde und vielleicht sogar zu einem Aufstand führen würde. In einer solchen Situation kann es sich niemand leisten. Deswegen spielt sich alles im Hintergrund ab – ohne das jemand etwas davon mitkriegt.
And who thinks, "Oh, no one in Germany will take part." - is wrong.
"In the fight against the further spread of the corona virus, Deutsche Telekom, for example, is already supplying anonymous location data of millions of German mobile phone users to the Robert Koch Institute.” (Jörn Brien 27.03.2020: „Keine Überwachung geplant: EU einigt sich mit Telekom-Riesen über Handydaten-Weitergabe, yeebase media GmbH)
All right, now some people are thinking "It's "just" metadata." Then go one step further in the direction of practice.
Which tools do you currently use in your company?
Many tools for video meetings or telephone conferences have American third party processors, and the "Big Five" are also listed frequently. How do I know that? Because we ourselves were recently looking for a secure video and telephone system. The same applies to various team chats - and just think what sensitive information can be quickly forwarded in a team chat. And then finally we come to our favourite topic - cloud storage and customer databases. In my opinion, this is where the risk potential is at its highest. Where else do you store your sensitive data if not in the cloud?
At this point I would like to emphasize that even if many providers advertise on their website with "Made in Germany" and "Maximum data protection", in many cases this is not 100% true. A quick look at the order processing contract and technical-organizational measures is usually sufficient.
You should pay special attention to free offers, because they are usually not really free of charge. Rather, there is a "currency exchange" behind them, where you do not pay for your products with money, but with your data. This way you are no longer a customer but the product - how else can providers of such services afford such offers economically? How often do you hear in the media "Company XY" sells data to ... .". Also recently, the media reported that a popular video meeting tool that many use in the business environment is reselling your data to a major American corporation. How much would your data be worth? Unfortunately, data monetization is "normal everyday life" for large corporations these days.
Many companies are currently in the process of sending their employees to the home office - without first checking their working environment.
Many home computers do not have sufficient or up-to-date anti-virus protection and are already "contaminated" without the owners knowing it.
Even digital tools designed to facilitate communication and work in the home office are selected too quickly - without the data protection officer first looking into the subcontracting relationships or the contract processing agreement. However, data protection is also an important issue in the home office. Even more so than in the (hopefully) protected office environment.
An example: Many parents are currently working from home and at the same time looking after their children - hats off! This is not easy in most cases. But what would happen if an employee went to the toilet for a short time - without prior data backup and screen lock and the unneeded child then gains access to the PC or laptop. Data is deleted, sent or moved too quickly. Would this have consequences for your company? Do you have a backup of data in case data is accidentally deleted?
There are many things to consider in such a situation.
The fear and insecurity of the population is shamelessly exploited by cyber criminals. Sites that collect information about the COVID-19 development have malicious software on them. Cyber criminals equip sites with spy software to monitor the users. Emails with information about the Corona crisis are also provided with malware, whereby users unknowingly download malware.
In such attacks, covert screenshots, video and audio recordings are made via connected cameras and microphones. It is not even visible to the user whether the device is switched on, e.g. flashing lights on cameras.
Such attacks give hackers access to sensitive information and data. This includes not only holiday photos, but also e-mails, passwords, chat content, financial and payment data.
I would like to remind you at this point that with such data not only identities can be stolen, but companies could also suffer economic consequences. For example, what if customer data or chat histories could suddenly be publicly available on the Internet.
Therefore always - especially now - be aware of what you click and download on the Internet or in emails, so that you do not get infected with "cyber corona". Because such "traps" can also be behind free webinars, e-books or "Corona special offers".
This checklist does not claim to be exhaustive, but it does show what we consider to be the most important questions that employers should ask themselves before blindly rushing themselves and their employees into the home office.
Are my employees allowed to work in the home office?
What digital tools do we need?
What are our demands on these tools?
Are the employee workstations at home ready?
Once the framework conditions have been clarified, nothing can really go wrong. But what about the implementation?
For many employees and managers it is an interesting situation, but one that takes some getting used to. Do all colleagues know how work is done? Who is responsible for what? Do their colleagues get along with the tools? Does everyone know how and when to work with the tools?
Here the old principle "communication is everything" clearly applies. It is essential that you discuss with your employees beforehand what you are planning and what difficulties may arise. Take away any fears of not understanding the technology in advance by assuring your employees that you also have to get used to everything first and that you yourself are no professional. Nothing hampers productivity more than employees who spend hours "trying out" because they don't dare to ask!
In this sense: Have courage and enjoy your work!
Author: Nicole Smuga