Remote Working: Top 10 Tips for Ensuring Secure and Compliant Communications

The COVID-19 pandemic has transformed how we communicate and collaborate. Almost overnight, the entire working population became home workers, and global demand for instant messaging, video conferencing, and other online collaboration tools surged.

Zoom has emerged the leader of the pack, with 300 million participants meeting daily. Following in Zoom’s footsteps are Microsoft Teams and Slack, which have reported 75 million and 12 million active users daily, respectively.

While internal and external communications channels have had to change, regulatory obligations have not. In times of crisis, surveillance, monitoring, and archiving of electronic communications are more important than ever before.

John Russo, VP Compliance Technology at Global Relay, and Michael Asher, Chief Information Officer at RFA, recently teamed up to explore best practices and guidelines for remote working, in a webinar called ‘A New Framework for the Virtual Workforce’.

Remote Working Compliance: Top 10 Tips

1. Issue indisputable communications guidelines. Ensure that all employees are aware of the communication channels they are permitted to use (and those they are not), and be transparent about the types of information your firm is capturing.
   
   
2. Capture all data required for regulatory compliance. Ensure you are successfully capturing and preserving all relevant staff communications, in line with regulatory requirements.
   
   
3. Determine whether new communications channels are a strategic fit. Study the long-term ramifications of new communication technologies before adopting them, and ensure that you can preserve all newly captured data, in a usable format.
   
   
4. Ensure monitoring of all devices, for compliance. Be extra vigilant about the different devices your staff is using to conduct business, and ensure they have appropriate security controls – whether the devices are owned by your firm or your employees.
   
   
5. Detect all anomalies, in a timely manner. Deploy managed detection response solutions, on both corporate and employee-owned devices, which can easily identify communication trends and promptly act on anomalies and threats.
   
   
6. Safeguard network security. Check all employees’ home networks for security, and where necessary consider implementing additional controls and processes (e.g. a VPN to protect your corporate network), for added protection. 
   
   
7. Check your policies and controls: Review all regulatory and supervision policies, ensuring that they are robust enough to alert you to violations and potential breaches.
   
   
8. Be wary of increased cybercrime. Run phishing checks and perform regular cybersecurity and network penetration tests, to safeguard your business and your customers from malicious online attacks.
   
   
9. Be hyper vigilant to situational threats. Evaluate your workforce, identify weak links and address areas of sensitivity. For example, a husband and wife working side-by-side may unwittingly create privacy and security risks.
   
   
10. Beware of unauthorized usage, now and in the future. In a March 2020 survey by Gartner, nearly a quarter of financial services CFOs said they will move at least 20% of their on-site employees to permanent remote positions, when pandemic restrictions are relaxed. Financial firms must continue to test for usage of unsupervised channels, unauthorized devices, and unsecured networks, to ensure security and compliance. 

While the COVID-19 has forced a new way of working, there is no defensible reason for communications compliance to come under threat. With careful planning, it is entirely possible to meet regulatory obligations and avoid enforcement fines, quickly, efficiently and cost-effectively.

Watch the full webinar here.

For more information about compliant communications and collaboration,
call +866.484.663 or +44 (0) 20 3206 1850 UK, or email info@globalrelay.net.