Truly Understanding your Legal Obligations in Remote Work
Updated: Nov 19, 2020
As a remote-first law firm, and a strong advocate for remote working arrangements long before COVID-19, we have seen two major errors presenting themselves as our world dives deeper and deeper into longer-term remote work.
At Remote Law Canada, we have always touted the use of comprehensive Remote Work Policies as the key for long-term success. These policies account for the length of the arrangement, communication guidelines, and health and safety obligations incumbent on both the employer and the employee, at a minimum. As our telework world is now almost certain to extend greatly into the future, it is especially important to contemplate many of the pitfalls that may arise when the working relationship is not properly accounted for.
The redistribution of resources that is allowing employers to wholly work from home now, further permits them to assist their employees in ways which they weren’t able to do so, previously. Communicating with your staff on a personal level, considering the unique challenges that are presenting themselves from a health and safety, and mental health perspective, as well as contemplating permanent flexible work arrangements for the future, allows employers to innovate and redistribute much of their wealth. Although the mass transition to remote work was initially done in a time of crisis, with no prediction yet available on how long the current crisis will last, employers can take steps now to ensure that the measures implemented permitting continuity of their operations is long-lasting, and does not lead to disputes or claims from employees, clients or partners in the future.
In addition to preparing your workforce for what will now be a long-term remote work scenario, cyberattacks are at an all-time high. Theft, ransomware attacks, breaches of client confidentiality and company privacy, and ensuing class actions are and will continue to be on the rise. As a result, ensuring that appropriate cybersecurity measures are in place is as important now than it has ever been.
Thankfully, armed with the right tools and information, you can prevent many of these threats and continue getting your work done. Before taking your own measures to protect your online security, it is important to check in with your employer to see if they have any protocols in place. Today, many organizations are hastily putting together work-from-home policies, but as stated above, comprehensive and enduring policies are vital.
Even if your employer has not contemplated such protocols, there are some simple steps you can take to protect yourself while working from home:
1. Use a VPN;
2. Set up two-factor authentication;
3. Set up firewalls;
4. Use strong passwords;
5. Use encrypted communications;
6. Back-up your data;
7. Use an antivirus software;
8. Secure any home routers; and
9. Beware of phishing emails.
VPN’s bypass geographic restrictions on streaming sites and other location-specific content. A VPN encrypts all of your internet traffic, so that it is unreadable to anyone who intercepts it.
Two-factor authentication and two-step verification involve an additional step to a strong password, and add an extra layer of protection to your accounts. These factors may include, for example, logging in with a username and password and entering a special token or code issued by a smartphone application. Multi-factor authentication should be mandatory for all users.
Firewalls prevent threats entering your system and create a barrier between your device and the internet by closing ports to communication. This can help to prevent malicious programs from entering and can stop data leaks from occurring from your device.
Passwords should be unique for every account and should comprise a long string of upper and lower case letters, numbers, and special characters. A password manager will create, remember, and autofill passwords for you: try LastPass.
Mainstream messaging services such as Signal, WhatsApp, and Telegram come with end-to-end encryption as default or as an option, if your employer has not encrypted your email communications.
While hardware backups are still an option, one of the most convenient and cost-effective ways to store your data is in the cloud. Cloud backup services come with a wealth of options enabling you to customize your backup schedule and storage options.
A good antivirus software can act as an additional defence mechanism by detecting and blocking known malware.
It’s important to take simple steps to protect your home network to prevent malicious parties from obtaining access to connected devices.
It’s highly likely that phishing emails will target remote workers in a bid to steal their personal information or gain access to company accounts. It is ever-important to train your staff and your workers on detecting and preventing phishing emails from seeping in.
The above checklist should identify some steps that may be taken to limit cyber risks during these challenging times. In addition to implementing these steps, it is especially important to provide information and training to your employees, to meet all of the above obligations. Furthermore, a Remote Work Policy is key for long-term success.
Contact us at Remote Law Canada at any time, for a full suite of remote-work employment law documents available.