03 December 2018 by Spencer Symmons
The gig economy is booming. Workers and businesses alike are seeing the benefit of temporary and contract staff, who can be hired to fill a temporary need without the resources and due diligence required for a full-time employee.
But one vitally important part of business protocol is all too often brushed under the carpet when it comes to dipping your toes into the gig economy. With staff coming and going having had the same level of access to company records and data as a regular employee would benefit from, could hiring freelancers create a monumental cybersecurity risk?
The short answer is yes, but it’s not quite as simple as that. Employees are often the weak link when it comes to a business’ cybersecurity threat anyway – 95 per cent of breaches are down to human error, with phishing attacks rising by 182 per cent in 2017. By outsourcing parts of your workload, you lose the element of control you have in a localised environment, with systems and software not being authenticated by your organisation. For example, the three most basic of Dropbox’s five account types fail to fully meet the standards set out by the GDPR, introduced earlier this year, meaning your data could be at risk.
Unsecured Wi-Fi connections can also be extremely dangerous. With freelancers often opting to work on the go, whether it be in cafes, on trains or in public coworking spaces, cybercriminals with even the most basic understanding of technology are able to access records of information sent and received over public, unencrypted Wi-Fi connections. Before you know it, a leak of confidential information comes your way – as it did for 43 per cent of businesses in 2017 – your company’s reputation is shot and you face the wrath of the GDPR.
How can we go about navigating the risks of a breach while continuing to benefit from the perks of outsourcing parts of our workload? While we may expect seasoned freelancers and independent contractors to uphold their own standards of cybersecurity, it still ultimately falls on you and your business to ensure that client data is safe. Confidentiality agreements may have been signed, but it’s never a given that anything outlined in such a document will cover you for the damage caused by a leak.
Luckily, the solutions are already out there. Virtual private networks are an inexpensive method of working securely via public connections and while Dropbox may not be up to scratch, there is a GDPR-compliant alternative for any given platform, be it cloud storage, communication or otherwise.
It comes down to starting as you mean to go on; by establishing your cybersecurity expectations from the beginning and holding freelancers to the same standards as you would a regular member of staff. By initially agreeing what is expected of the employee, vetting their devices and software prior to granting access to sensitive documents and making sure usual cybersecurity processes are continually followed throughout the duration of the contract, there is no reason that as technology advances, client information cannot remain as safe on the go as it is in your office.
This website uses 'cookies' to give you the best, most relevant experience. Using this website means you're happy with this. You can find out more about the cookies used by clicking this link.