Published by Chris Madden on 31 March 2020
Last updated 31 March 2020
When our prime minister announced on Monday 23 March that the nation would be under a variety of restrictions unprecedented in peace-time, we all had to adapt very quickly and rapidly implement business continuity plans.
For many people, this meant working in a way that they are not used to, all whilst making huge changes to their personal lives such as childcare, travel and essential shopping.
All of this represents a heightened risk to businesses, and with an extended period of disruption expected, we have summarised some points you will want to review to keep your business protected:
IT and cybersecurity
- Consider whether downloading apps to a personal device is safe – get it wrong and the business IT system could also be compromised.
- Be vigilant – Cyber criminals know people may be unused to working from home, under pressure and are looking to exploit that.
- Test your resilience – it may be a good time to perform a Phishing test. Many providers offer this test which can then be used to educate on what to look for in a cyber-attack.
- Keep patches and anti-virus software up to date. Ensure teams working remotely have an appropriate level of security in place.
Data protection – GDPR
- The ICO has not relaxed GDPR regulations – you still need to conduct your usual checks and report any incidents as usual.
- If you print documents of a confidential nature at home, ensure they are disposed of correctly through a shredder.
Health and safety
- For those working at home, it is imperative that your workstation is set up correctly. The same ergonomics apply as if you were in your usual working environment.
- Social distancing adaptations should be applied. As an employer you remain responsible for health and safety in the workplace and there may be reasonable adjustments you will need to make.
Law and regulation
- Employment law remains a key part of the rights of employees and workers. When considering any decision as a result of COVID-19, do ensure you conduct yourself in the correct manner.
- Only claim what you are entitled to from the Government. The package announced is designed to support businesses and their employees, and there are rules that are or will be put in place which must be adhered to. There remains the right for government to audit claims in the future, with clawbacks and even penalties potentially levied for false claims.
- Maintain process and authorisation controls – this may be a more digital approach but should still be adhered to (remember to undertake a Data Protection Impact Assessment for each change of process). Impersonating the CFO to pressure someone in the organisation to make a payment is a well-known risk, for example. Any new payments should always be corroborated by using a different method to contact the person requesting the payment to be made.
- Uphold your standards and approach to delivering products or services to your clients. It is typical for employees and business owners to feel pressure to deliver, but critical points of the process should still be adhered to.
Remember to keep communicating
- Make sure you keep in touch with your clients, customers, employees and suppliers. The dramatic change in operations for most businesses will understandably be prioritised but in times of crisis but it’s important to remember to keep communicating with your key audiences.
Please note that these points are not exhaustive, and you should remain vigilant throughout these difficult times.
For further information on this topic, please speak with your usual Kreston Reeves contact, or complete our enquiry form here and one of our experts will get back to you.