COVID-19: Secured Workforce during MCO
As the number of the confirmed positive cases and death cases of the pandemic COVID-19 continue rises even under Movement Control Order in Malaysia, the Prime Minister, Tan Sri Muhyiddin Yassin announced the extension of MCO for another two weeks until April 14. The extended MCO will certainly impact incomes and cash flows. How could the companies in Malaysia keeps their employees at safe during the virus attack and sustain their business at the same time?
Most of the companies comply the MCO and urged employees to work from home with company-owned or dedicated mobile devices. Ideally, companies may want to include IT asset management in their business continuity plan in order to remotely secure and protect the important company data. With mobile device management (MDM) system, companies are able to detect person who access their data by scanning and blocking devices with vulnerabilities. Here are some steps for companies to ensure proper and secured workforce at home:
- Sign out and track all IT assets that are being taken home.
No IT assets should be allowed to leave a company site for the first time without formally accounting for each movement.
- Make sure solid firewall and passcode protections are in place for accessing company systems.
Companies and agencies that plan properly will “scale up” to accommodate a shift in traffic from the workplace to remote access.
- Consider requiring employees to sign a non-disclosure agreement (NDA) about the data they will have access to outside the office.
The data is often significantly more valuable than the IT assets in which it is contained. Vital company information may be at stake and an NDA sends a message to employees that they have serious responsibilities that must be honored and respected.
- Provide education and training to employees about how to responsibly manage their equipment and the company’s data.
For example, parents accustomed to allowing a child or spouse to use a personal smartphone or computer must be coached to avoid doing so with company IT assets. Companies may also forbid the use of company IT assets on public Wi-Fi networks, such as coffee shops and fast-food restaurants.
- Monitor employee data use and other remote practices.
- Tighten the reins on Bring Your Own Device (BYOD) practices. The longer someone is out of the office, the more likely they will do company business on their personal smartphone, computer, tablet or other BYOD asset.
If the employee’s contract or policy language does not give the data rights to the organization the IT asset manager will need to make an addendum giving the rights to the organization. The employee may own the device, but the work-related data is completely owned by the company.