Managing Layoffs: Data Security and Work From Home Employees

Across the globe, many employees still Work From Home (WFH), and by some estimates 25% of all professional jobs will be remote work by 2023. As the visibility of remote work continues to grow, it is apparent that many employees desire the option of remote work, even to the point of quitting if remote work is not an option. Work From Home is here to stay, so companies need to master the lifecycle of the remote worker to remain competitive.

In a volatile economic landscape, sometimes you need to make difficult decisions as a business owner. Workforce Reduction (WFR) is an unfortunate reality of running a company. As remote work remains popular, it will be necessary to have a coherent system for offboarding under-performing WFH employees.

Since these individuals work in disparate locations away from a central office, how do you ensure your company data is protected as you reduce the workforce?

Work From Home Unified Endpoint Security

Protecting company data on various operating systems when employees work from home is challenging, to say the least. In data security, endpoints are the physical means by which the company network or resources are accessed. Remote employees have endpoints located where they work, often cell phones and computers they utilize at home or local coffee shops. This larger attack surface increases the difficulty of closing network gateways in the event of a Workforce Reduction. As in all situations when it comes to securing data, a responsive, expedient process is essential. Steps have to be taken quickly to ensure that your company’s data is protected.

The first step to streamlining the termination process for remote workers happens before anyone is laid off: install an Endpoint Security Software like DriveStrike. DriveStrike offers location services, remote locking abilities, and data destruction options. These services are key to protecting sensitive company data, especially if you do not have physical access to the devices in question. It is critical to have this software installed before any layoffs happen; this allows your company more latitude to engage any perceived threats to your data while offboarding an employee.

There are additional challenges when companies allow employees and/or contractors to use their personal device to access and potentially store company sensitive data on their devices. Ensure you have a clear Mobile Device Acceptable Use Policy and Remote Wipe Waiver in place to avoid any liabilities for destroying personal devices used to access or store company data.

 

Workforce Reduction and Work From Home Employees

When a business is undergoing a Reduction in Force (RIF), individuals who work from home introduce additional logistics to an already chaotic situation. As employees navigate the end of their employment, it is easy for mistakes or vulnerabilities to be exploited. Even with the best of intentions, being laid off is unsettling and employees may become confused and careless leaving some data unwittingly exposed.

The employee may not consider his or her actions to keep some of the data against company policy. Ponemon Research found that around half of those they surveyed admitted to taking information from a previous job for future use. Your remote worker may not realize that the company retains the rights to projects, not the staff that works on them. That incorrect assumption can lead to data being copied and provided to unauthorized individuals, which can cause damage to the company.

This concern is simple enough to address. When you are forced to terminate remote employees who work from home, clearly outline what is expected for the employee’s data and usage of company material. Utilizing your legal counsel, draft a severance agreement for the employee that outlines the company’s control of all intellectual property. Discuss this with the employee verbally and provide it in writing as soon after the initial layoff discussion as possible. A candid discussion about these concerns limits the opportunity for any data security incident to happen due to false assumptions.

Threats from ‘Former-Insiders’

Retaining proprietary data can be an honest mistake, without malice; in these cases, a simple conversation can end or prevent a data breach. Unfortunately, this is not always the case.

While no one wants to assume that their former employees could have bad intentions, malicious actions by those individuals can cause massive reputational and fiscal damage. If the employee feels mistreated or harbors anger toward the company about being let go, stolen data might be leveraged as a form of revenge. Cyberhaven’s report The Great Data Heist found that the risk of data exfiltration rose 109.3% the day of an employee’s termination.

 

While a severance agreement provides clear instructions and outlines what is expected and acceptable with the data and equipment, this may not protect you if the remote worker has nefarious intentions. In some cases, the cost and reputation considerations make it risky to engage in a legal battle with a former employee who keeps a work computer or mobile device.

How can your organization protect its data from a malicious insider (or former-insider) threat?

Addressing a Threat

There is always a chance that your Work From Home employee could react poorly and leverage the data they have against you. If an employee begins making threats or statements alluding to removing data, it is best to err on the side of caution and take appropriate steps to safeguard your material.

DriveStrike’s Remote Wipe provides the means to delete all data on a device with a few quick clicks. The responsive, fast deployment of the data wipe command protects your company from any hostile intent or accidental negligence. From a secure online console, machines running any of the major operating systems can have their entire hard drive erased, removing sensitive information from the hands of the former WFH individual.

It is also important that your IT staff is prepared to revoke access to networks and reassign licenses to save money and close potential ‘backdoor’ entrances to your proprietary data. Switching licenses over and removing WFH individuals from cloud platforms and accounts not only protects your network, but it also saves your company money.

Be aware of all appropriate laws, the mobile device management system that your company uses, and the pertinent contracts the employee signed. Accounting for these details in an Incident Response Policy can save time when handling a potential threat.

In addition to wiping a machine remotely, there are other ways to protect company data and endpoints. DriveStrike’s online console seamlessly integrates the ability to Lock and Recredential devices remotely. This renders a company device unusable as the former employee cannot gain access to the machine for personal use. While this does not mean that the former employee will return the device, it does disincentivize the theft. (The severance agreement should outline that the device lock is a step that will be taken as soon as the employee has completed his or her last day of work, or if there is a concern for data safety at any point before then.) Your company can also utilize DriveStrike’s Location tool to check on the device’s location, as well as log where the device has been for auditing or legal purposes.

Finally, one of the most important endpoint protection tools is drive encryption. Encryption will prevent unauthorized access to a machine’s hard drive even if it is removed. Along with its Remote Wipe, Lock, and Location services, DriveStrike provides encryption management options including BitLocker integration for Windows machines.

Streamlining the Process

When it comes to laying off Work From Home employees, multiple devices (potentially in multiple locations) need to be handled remotely, therefore a streamlined process is needed to make data management cost effective and timely. By combining location services, encryption management, locking, and remote wiping capabilities, DriveStrike simplifies data management for businesses of any size. The workforce reduction process for Work From Home employees can be complex, but with DriveStrike, securing your data doesn’t have to be!

About DriveStrike

DriveStrike is an all-in-one endpoint security solution that integrates Remote Locate, Lock, and Wipe services with Encryption management in one secure online console. Begin defending your data today with mass deployment options for phones, tablets, and computers on any operating system. Start your 30 Day Free Trial and begin protecting data today with DriveStrike!