Podcast: Covid-19, remote access, storage and compliance

In this podcast, we look at the implications for storage, backup and compliance with Mathieu Gorge, CEO of Vigitrust.

We talk about how organisations were not prepared for practically 100% of staff to work from home and how they must pay special attention to bandwidth and access to the systems and data required to ensure working continues as normally as possible.

What comes with that is the need to ensure staff have access to the right systems in terms of compliance and that they know what they can and cannot do with potentially sensitive data.

Antony Adshead: What are the implications of the Covid-19 crisis for storage, backup, compliance, and so on?

Mathieu Gorge: The main implication is that most organisations have applied a strategy of remote working because of the guidelines from governments and to adopt social distancing and to make sure everybody is safe and not at risk.

Remote working was not necessarily in place in all businesses and especially for SMEs; they were not fully prepared for that.

The next issue is bandwidth issues. Working from home, you may not have the right level of broadband.

Also, most of the providers are over-subscribed, so that brings the question: what is critical in terms of data and systems? What data and what systems do I need to access in order to work remotely?

Again, not every organisation was prepared to do that because they may not have had a proper storage strategy or proper remote access strategy, and potentially have not put in place the right systems that allow you to securely access the data and the systems required for the critical activities of the business.

Adshead: What can organisations do as regards access to data, storage, backup and compliance? What do they need to be doing right now?

Gorge: The key thing is to get access to the right systems and to do that, you need to work with your IT department, which, in turn, will probably work with the security and compliance departments.

What we’ve seen, unfortunately, is a major increase in malware and phishing attacks. The bad guys are using the crisis as a vector to try to fool people into donating money and providing confidential information, or to potentially trick people into providing access to remote systems.

And so you need to stay safe. I think that from a strategic perspective, organisations are applying their remote working policies and improving them as they go along.

This is completely unprecedented and so, while an organisation might have suggested that 20% or 30% of their staff might be working from home, they end up with practically 100%.

That is putting huge stress on systems and that is why it is critical for organisations to understand which systems, which applications, which records management solutions need to be accessed remotely to allow critical activities, and as we learn to work in that new norm, providing more and more access and more granular access to the right folks.

So, it goes back to understanding your ecosystem, mapping it out, making sure you know which is critical data and which isn’t, and critical systems, and making sure that you keep staff updated at all times about what they can and cannot do, and where they need to store the information. And make sure there’s no “spillage” of information, so to speak, where company information might end up being stored on employee devices or private clouds belonging to employees.

We need to make sure organisations manage all of that.

Again, standards – good storage and compliance policy can help. But they need to be granular and folks need to realise they apply to all staff, not just the standard remote staff.

So, I hope everybody stays safe and that we can manage to get through this crisis from both a business perspective and a personal perspective.