In the past, working from home was an option for freelancers and companies who were willing to cut operational costs and improve employee work-life balance. But COVID-19 has changed the way we work and forced many companies to adapt quickly and support remote working. They had to create a virtual work environment that allowed teleworking to be productive and keep their jobs safe, while also addressing the information security challenges of remote work.
With the help of the requirements of ISO 27001 for information security risk management, and the security controls of its Annex A, this task can become less complex and allow you to take full advantage of teleworking with the least risk.

Remote working security challenges

Besides its many benefits, remote working has some challenges and information security risks. These include unauthorized access, breach of sensitive information, and modification or even destruction of data. Considering that employees are outside the organization’s environment, they will be using mobile devices for remote access from home or public networks, which may not have the best security controls. Insufficient information and communication policies, along with a lack of clearly defined procedures, can cause nightmares for companies, including financial loss and non-compliance with regulations such as the EU GDPR.

Which control of the ISO 27001 standard speaks about remote working?

An Information Security Management System based on ISO 27001 requirements and controls helps us to take precautions against these information security risks. ISO 27001 consists of 10 sections and reference control objectives and controls stated in Annex A of the standard. There is also another standard, ISO (Read more...)