Governance, Risk & Compliance: GRC
Coronavirus Safeguards Mean Corporate Ghost Towns in China
James Green spoke with Compliance Week about the impact of the coronavirus on business in China and around the world.
- Read the article on Compliance Week, Feb. 27, 2020 (gated)
- James Green was the Director of Risk Advisory Services at SAI360 (formerly SAI Global)
Compliance Week writer Aaron Nicodemus called out a trend that Green is discussing with companies as the coronavirus (COVID-19) outbreak spreads: Remote access to work by employees. Enabling remote work opens up other potential problems such as data privacy, Green discussed.
From the article:
While businesses have had more time than usual to react to this “slow-developing catastrophe,” it does not mean they should cut corners on data privacy protection, said James Green, director of Risk Advisory Services at SAI Global. “We’ve been telling our clients they should plan for a long disruption” to their business because of quarantines and forced business shutdowns, he said.
It’s wise to have as many employees work remotely as possible, Green told Compliance Week. But remote work brings its own share of compliance risks, he said, because employees may be forced to access sensitive company data over unsecured networks.
“Ideally, you want employees to gain access to a company’s network only through secure channels,” he said. Companies should try, as much as possible, to keep in compliance with their own internal policies for protecting data, as well as the laws of the country they work in.
“You don’t want to create a second problem,” he said.
The Compliance Week article notes that four out of five data breaches in 2019 were caused by hacking or unauthorized access, according to a report released in January by the Identity Theft Resource Center (ITRC). Accessing sensitive company data from an unsecured network can open a pathway for both of these methods. Employee error, accidental web exposure, physical theft, and insider theft caused the remaining data breaches, the ITRC said.
Learn more about SAI360's business continuity solutions that support business impact assessments, crisis management, disaster recovery, and planning for resiliency.
Or, contact us to see how SAI360 has helped organizations like yours.