Featured Article – Maintaining Security During The COVID-19 Health Crisis

The current global health crisis may bring many different IT security challenges to businesses and organisations and this article highlights some of the ways that you can prepare to keep IT security covered as best you can at this difficult time.

Larger and Smaller Businesses – Some Different Challenges

Larger organisations may be at an advantage as they may already have policies, procedures, equipment and security arrangements in place for remote working, although they may find themselves more stretched as many more staff work from home than usual.

Smaller businesses and organisations, however, may be less well used to and equipped for suddenly having to send staff home to work. This means that they may have a lot more work to do now in order to prepare, and their IT personnel will find themselves needing to prioritise and be prepared to provide more on-demand support over the coming weeks.

Guide

Even though larger and smaller companies may have different challenges on a different scale, here is brief guide incorporating a list of suggestions that could help many businesses and organisations to stay secure while employees, contractors and other stakeholders are working remotely:

– Alert all staff to the possibility of email-borne threats and other social engineering attacks.  For example, over the last few weeks, cybercriminals have been sending COVID-19 related phishing emails e.g. bogus workplace policy emails, emails purporting to be from a doctor offering details of a vaccine/cure, emails with a promise of a tax refund and more.  The message to employees should be to not open unfamiliar emails and certainly don’t click on any attachments or links to external pages from any suspect emails.

– Make sure that any software and software-based protection used by employees working from home is secure and up to date.  For example, this could include making sure their devices have up to date operating systems and browsers, firewall software and anti-virus software is installed and up to date, and make sure that employees install any new updates as soon as possible.

– Ensure that any devices used by employees are managed, secure (have downloaded trusted security apps), have appropriate protection e.g. data loss protection, updated anti-malware, and a capacity to be centrally monitored if possible. Ensure that all devices, including employee mobiles (which can carry confidential information), are password-protected, and can encrypt data to prevent theft.

– Monitor the supply chain arrangements where possible.  If a supplier is geographically remote, for example, and if the Covid-19 crisis has left a supplier short of qualified IT and/or security staff, or if contract staff/cover staff, or unfamiliar staff members have been brought in to replace staff members e.g. particularly in accounts, this could present a security risk.  Taking the time to conduct at least basic checks on who you dealing with could prevent social engineering, phishing and other security threats, and exercising caution and offering your own known secure channel suggestions where suppliers may be short of  IT-security staff could help to maintain your company’s security posture.

– Although employees are likely to stay at home in the current situation, you will still need to make sure that they are made aware of your policy about accessing information on public or unsecured networks e.g. using a VPN on mobile devices to encrypt data.

– Make sure you have a 24-hour reporting procedure for any stolen or lost equipment/devices.

– Pay attention to user identity management. For example, have a user account for each employee, and give appropriate access to each employee.  This should help to prevent unauthorised access by other persons.  Also, control which programs and data each employee has access to, and which level of user rights they have on certain platforms.

– Make employees aware that they must use only strong, unique passwords to sign-in to your network, and that these details should be changed regularly e.g. every 3 months.  Also, make sure that multi-factor authentication is used by employees.

– Stay on top of managing the workforce and general daily operations.  For example, make sure that key IT staff are available at all times, communication channels and procedures are clear and functioning, handover procedures are covered, any sickness (which looks likely) can have cover planned, and that productivity targets can be met despite remote working.

– Remind employees that they still need to comply with GDPR while working remotely and ensure that help and advice are available for this where needed.

– Use this experience to keep the company’s disaster recovery and business continuity plans up to date.

– Schedule regular, virtual/online meetings with staff and ensure that all employees have the contact details of other relevant employees.

– If you’re not already using a collaborative working platform e.g. Teams or Slack, consider the possibility of introducing this kind of working to help deal with future, similar threats.

Looking Forward

At this point, the country, businesses, and many individuals are thinking more about survival strategies, but taking time to ensure that IT security is maintained is important in making companies less vulnerable at a time when operations don’t follow normal patterns and when many cybercriminals are looking to capitalise on any weaknesses caused by the COVID-19 health emergency.

Cybercriminals Take Advantage of Covid-19 Outbreak With Phishing Emails

Some cybercriminals have already taken advantage of the fear surrounding the Covid-19 outbreak by sending out phishing emails that promise cures, seek donations, or heighten panic in order to extract personal data and money.

Phishing For Fear

Cybercriminals rely on exploiting human error that’s often driven by emotional responses.  The coronavirus outbreak has, therefore, provided scammers with a near-perfect opportunity to exploit the heightened the level of fear and to offer things that will take that fear and panic away as a motivation for a person to click on a link.  Clicking on a link in a phishing email, however, means having malicious software loaded onto your device that can allow cybercriminals to take control of your computer, log keystrokes, gain access to your personal information and financial data (for theft and identity theft), or simply direct you to a payment page.

Examples

Examples of the kinds of corona-virus related phishing emails which have been spotted over the last couple of weeks, and could be coming to an inbox near you, include:

– As reported by Proofpoint, an email purporting to be from a doctor offering details of a vaccine cure that’s been kept secret by the Chinese and UK governments.  Clicking on the link promises access to the vaccine cure details.

– Workplace policy emails that target employees in a specific company/organisation and encourage them to click on a link that will take them to their company’s Disease Management Policy.  Clicking on the link will, in fact, download malicious software that can provide a way into the company network.

– As reported by Mimecast, using the promise of a tax refund for coronavirus, directing the target to click on a link to input all their financial and tax information and with the lure of gaining access to (bogus) funds.

– Asking for donations for a fake campaign to fund the fast development of a Covid-19 vaccine.  In this scam, the victim is directed to a bitcoin payment page.

– As reported by Proofpoint, an email purporting to be from the World Health Organization (WHO) that offers a fake document with information about preventing the spread of coronavirus, where clicking on the link actually leads to the downloading of keylogging software (criminals can track your keystrokes to uncover passwords).

– Emails that exploit feelings of panic, such as an email that claims that Covid-19 has become airborne and asks the target to click on a link to a fake Microsoft login page.

Spotting Phishing Emails

Many phishing emails have giveaways that you can spot if you know what you’re looking for.  Examples of ways in which you can identify a phishing email include:

– Online requests for personal and financial information e.g. from government agencies are very unlikely to be sent by email from legitimate sources.

– Beware of generic greetings. Scammers are less likely to use your name to personalise the email greeting and title.

– Mistakes in spelling and grammar can be signs of scam emails.

– Check the email address by hovering your mouse (without clicking!) over the link in the email. This can quickly reveal if the email is genuine.

– Beware of heavy emotional appeals that urge you to act immediately.  These are signs of scam emails that hope to bypass your reasoning and tap into an emotional response.

What Does This Mean For Your Business?

Scammers often use phishing emails when there is/has been a recent crisis, when there’s been fraud/cybercrime that’s affected lots of people, or on other such events to take advantage of those who are looking for help and answers.  Scammers know that where emotions are strong and where they can tap into that by offering relief from negative feelings and by saying what people want to hear, they are more likely to achieve their aims.

In the case of coronavirus, although companies and organisations are issuing statements related to it, the best advice is to simply check the information that is given out through trusted, official sites such as the NHS https://www.nhs.uk/conditions/coronavirus-covid-19/, the World Health Organisation https://www.who.int/health-topics/coronavirus, and via trusted TV and radio stations.

Crisis or not, always exercise caution when you receive emails from unknown or unusual sources and remember that government agencies and financial institutions don’t send out emails asking for personal and financial information.

Companies also need to alert employees, many of whom may soon be working from home and may have a reduced ability to quickly ask the boss or manager about certain emails, to the threat of phishing emails with a Covid-19 theme and to the threat of social engineering attacks that could take advantage of a physically divided and reduced workforce.

Surge In Demand For Teleconference Apps and Platforms That Enable Home Working

The need for people to work from home during the Covid-19 outbreak is reported to have led to a huge increase in the downloads of business teleconferencing apps and in the use of popular cloud-based services like G Suite.

Surge In Downloads

Downloads of remote and collaborative working and communication apps such as Tencent Conference (https://intl.cloud.tencent.com/), WeChat Work (from China), Zoom, Microsoft Teams and Slack are reported to have risen by a massive fivefold since the beginning of the year, driven by the effects of the Covid-19 outbreak.

For example, services such as Rumii (a VR platform, normally $14.99 per month) and Spatial, which enable users to digital meetings in virtual rooms with 3D versions of their co-workers have seen a boost in the number of users, as has video communications app zoom.

Freemium Versions

Even though many of these apps have seen a surge in user numbers which could see users continuing to use them and recommending them in future if their experiences of the apps are good, the ‘freemium’ versions (the basic program for free and advanced features must be paid for) appear to account for most downloads.

Some companies, such as Rumii, have now started to offer services for free after noticing a rise in the number of downloads as Covid-19 spread in the United States.

G Suite

Google’s cloud-based G Suite service (Gmail, Docs, Drive, Hangouts, Sheets, Slides, Keep, Forms, Sites) is reported to have gone past the two billion monthly active users mark at the end of last year. It appears to have gained many active users due to people preparing to work from home following the Covid-19 outbreak.

Google has also offered parts of its enterprise service e.g. Hangouts Meet (video conferencing) for free to help businesses during the period when many employees will need to work from home.

Microsoft

Microsoft is also reported to be offering a free six-month trial for its collaborative working platform ‘Teams’, which surpassed the 20 million active user mark back in November.

Unfortunately, Microsoft Teams suffered a reported two-hour outage across Europe on Monday, just as many employees tried to log in as part of their first experience of working at home in what some commentators are now calling the new “post-office” era.

What Does This Mean For Your Business?

Cloud-based, collaborative and remote working and communications platforms are now providing a vital mitigating lifeline to many businesses and workers at the start of what is likely to be a difficult, disruptive, dangerous and stressful time.  Companies that can get the best out of these cloud-based tools, especially if they can be used effectively on a smartphone, may have a better chance of helping their businesses survive a global threat. Also, the fact that many companies and employees are forced to seek out and use cloud-based apps and platforms like these could see them continuing to make good use of them when the initial crisis is over and we could be witnessing the trigger of a longer-term change in working towards a post-office era where businesses make sure they can last out the effects of future similar threats.

Apple Announces The Closure Of All Stores Outside China Until March 27

Apple has announced that due to the global spread of COVID-19, it will be closing all of its retail stores outside of Greater China until March 27.

Flexible Working

A statement on the Apple website (Newsroom) highlighted how Apple is adopting “flexible work arrangements worldwide outside of Greater China”.

Apple also said that those staff members whose work still requires them to be on-site will be following guidance to maximize interpersonal space.  Also, the statement highlights the “extensive, deep cleaning” that is taking place on all of Apple’s sites, and the fact the Apple is rolling out health screenings and temperature checks.

Paid As Usual

The statement also makes it clear that despite the temporary closures, flexible and remote working, Apple’s staff will be paid as usual, and that the company’s leave policies have been expanded to take account of personal or family health circumstances created by COVID-19, such as recovering from illness, caring for a sick loved one, mandatory quarantining, or childcare challenges resulting from school closures.

Worldwide Developers Conference Online

Apple has recently announced that its annual Worldwide Developers Conference in June will be held entirely in an online format this year.  Despite this change in format, Apple’s senior vice president of Worldwide Marketing, Phil Schiller, is choosing to see it as an “opportunity” and as an “innovative way” to bring the global developer community together with “a new experience”.

New COVID-19 News Section

In an attempt to help its users avoid fake news about the global health crisis, and to boost its credibility as a trusted brand, Apple has also announced the launch of a new COVID-19 news section, where, it says that its users will find the “latest verified reporting from trusted news outlets”.

Trusted For The Election

Even though the world is in the midst of a health crisis, the US election is still likely to be happening in November.  Apple also has plans to establish itself as a trusted news source then through its own, curated Apple News coverage of the election where it will feature “reliable” news, information and data from multiple trusted news sources.

What Does This Mean For Your Business?

For Apple employees, the opportunity to work flexibly and more safely from home, still receive pay as normal and receive the benefits of more favourable company leave policies is likely to be very welcome. These moves by Apple also show the company in a very positive ethical and caring light, which many would see as being consistent with its public brand values.

Closing stores only until March 27 (just over a week from now), however, may be seen by some as a trifle optimistic, and could mean that employees in those stores may be very nervous about the thought of having to go back to any customer-facing roles when the illness still has a lot further to spread before it begins to slow down.  It remains to be seen whether Apple extends this date in the light of unfolding events.

Tech Tip – Managing Background Apps

If you’re connecting via a mobile device, information, notifications and updates going to and from apps that run in the background can sap your battery power and your data.  Here’s how to control which apps are running in the background:

– Go to Settings > Privacy > Background app.

– To stop all apps from running in the background, toggle ‘Let apps run in the background’ to ‘Off’. Be aware that some background app updates serve a useful purpose.

– To stop individual apps from running in the background, scroll down the list and switch to ‘Off’ as required.

Featured Article – Google: What Do they Know About You?

To have access to Google’s many features and services, as with other platforms, we need to give some personal information and then sign-in, but have you ever wondered just how much information Google keeps about you and your activities?

Google

This article looks as some of the many different types of personal information that Google stores, and how you can manage the situation, and reduce any potential risks that you may perceive as coming from your personal data being stored by Google.

Your Personal Data

Many of us accept that certain personal information needs to be stored privately with Google, but you may wish to know which information Google categorises as ‘public’.  To check this, login to your Google account, go to ‘Manage Your Google Account’, click on ‘Personal Info’, scroll down to ‘Choose What Others See’ and click on ‘Go to About me’.  Here you’ll be able to see which information is ‘hidden’ e.g. with a padlock icon, or ‘visible’ with an earth icon.  From here you can also click on ‘Privacy Check-up’ link so that you can manage other aspects of what information is stored about you and your Google-based activities.

‘Data and Personalisation’ Section

When you log into your Google account, go to your account page and click on the ‘Data and Personalisation’ link.  At this point, you will be able to see if your ‘Web & App Activity’, ‘Location History’ and ‘YouTube History’ are switched on or off.  If they in the ‘On’ position on tick-box control, then you can assume that Google is tracking and storing plenty of your data relating to these factors.

Web & App Activity

As the name suggests, this relates to your activity on Google sites and apps, and this also includes your location. The stated reason for collecting this information (with your consent, via the toggle control) is to give you “personalised experiences”.  Within the ‘Activity Controls’ section here you should also be able to see tick-box controls for the tracking and storing of your Chrome history and activity from sites, apps and devices that use Google services, and for including any voice and audio recordings.

You can stop Google from tracking this further by turning off the blue toggle switch in the ‘Activity Controls’ section relating to your Web & App Activity which then gives you the option to ‘pause’ this type of tracking.

If you’d like Google to automatically delete this data either every 3 or every 18 months, you can select the gear icon and choose the ‘Automatically Delete’ option and then choose which timeframe. Once this has been done Google will immediately delete current data that’s older than the timeframe specified by you.  Also, you choose to Delete activity by either Last hour, Last day, All time or a custom range.

Location History

By allowing Google to track your location history, Google can record and display information about where you’ve been with your devices, even if you haven’t been using a specific Google service at the time.

The positive aspects of Google storing this information is that you can get personalised maps and recommendations from Google based on places that you’ve visited, and if you click on the ‘Manage Activity’ link in your location history section in Google, it can be interesting to see where you’ve been on holiday and checked in with your location.  Google lists all of what it calls the ‘confirmed’ places you’ve visited (which Google gives you the option to confirm yourself) and the so-called ‘unconfirmed’ places.

The disadvantage of Google storing (and of you reviewing) this kind of information is that if it fell into the hands of criminals or those you would specifically not want to know where you are the data could be a threat damaging e.g. showing a burglar that you’re away from your home on holiday.  You may also feel personally that the information stored about your habits is a little bit too much like ‘big brother’ or borders on an infringement of your privacy.

You can stop Google from tracking this further by turning off the blue toggle switch in the ‘Activity Controls’ section relating to your Location History which then gives you the option to ‘pause’ this type of tracking.

If you’d prefer Google to automatically delete this data either every 3 or every 18 months, you can select the gear icon and choose Automatically delete Location History, then choose which timeframe. Once this has been done Google will immediately delete current data that’s older than the timeframe specified by you. You can go back over these steps and check that the visual location timeline is empty is you really want to be sure that Google has complied with your request.

Your YouTube History

Google tracks your YouTube search and watch history i.e. what videos you’ve searched for, watched and when, and this is used by Google to show videos at the top of the page when you next visit YouTube that you may be interested in based on your History.  There could, however, be several downsides to this e.g. on a shared computer, not wanting others to see which videos you have been watching, or the suggestions may not be things you are actually interested in at that point in time.

As with the other aspects of what Google stores and tracks, it’s a case of following the arrow next to ‘YouTube History’ link in your ‘Data & personalisation’ section of Google and setting your preferences from there.

Your Purchase History

CNBC research in May 2019 highlighted how Googlemail creates a (difficult to delete) page of your purchase history which it was believed was created by tracking your purchase receipt emails, and perhaps details stored in locations other than the inbox.

Google states in its accounts help section that “Your Google Account includes purchases and reservations made using Search, Maps, and your Assistant” (note that there’s now no mention of Googlemail) and according to Google, the feature is included as a way of organising things “to help you get things done”.  Getting things done, for example, means asking your Google Assistant about the shipping status of a purchase, or asking your Google Assistant to show you your flight reservations, or using Google’s search to ask questions like, “Is my flight on time?”

Deleting From Your Purchases Page

In Google’s help section here https://support.google.com/accounts/answer/7673989 and in the subsection ‘delete your purchases and reservations’, Google provides instructions on how to delete them i.e. sign in to your Google account, go to the Purchases page (for which a link is provided),  view your purchase details and select ‘Remove Purchase’, and follow the on-screen deletion instructions.

Downloading Your Data

If you’d like to download the data from the Google ‘products’ you’ve used, Google lets you do this here: https://support.google.com/accounts/answer/3024190?hl=en&ref_topic=7188671

Beware

Even though Google does appear to allow you to manage most aspects of what data is collected about you and your activities when signed in, there have been suggestions, reports and stories published online that may indicate that you could still be tracked by Google when signed-out.  For example, back in August 2018, An Associated Press report accused Google of recording the locations of its users via their mobile devices, even when they had requested not to be tracked by turning their “Location History” off. Also, some have suggested that cookies have been used to help track YouTube activity when you’re signed out, that Google can use information from Wi-Fi and other wireless signals near your phone to keep tracking you, and that there appear to be some contradictions between Google’s statements on certain privacy issues.

Looking Forward

For many of us, we’d like to have control of our personal data (if we had the time to check it all) and are pleased that there are now laws (e.g. GDPR) to help us to do this, but we’re also aware of the value of personal data to legitimate businesses e.g. for personalisation of services, and in marketing communications which have always been valuable in gaining, retaining, and maximising the value of customers.

Clearly, data security and privacy laws perform an important role of protection, and technology giants, as well as other companies and organisations, need to continue abiding by these laws and it is helpful to allow customers easy access to see and to personally manage what information is held about them both privately and publicly.

Survey Reveals IR35 Tax Reforms Legal Action Risk For Private Sector Companies

A survey by ContractorCalculator has revealed that many private sector companies may be at risk of legal action through misinterpreting the new IR35 tax reforms.

What Is IR35?

The IR35 tax reform legislation, set to be introduced this April, is designed to stop tax avoidance from ‘disguised employment’, which occurs when self-employed contractors set up their own limited company to pay themselves through dividends (which are not subject to National Insurance).  IR35 will essentially mean that, from April 2020, medium-to-larger private sector organisations become responsible for determining whether the non-permanent contractors and freelancers should be taxed in the same way as permanent employees (inside IR35) or as off-payroll workers (outside IR35), based upon the work they do and how it is performed.

Also, the tax liability will transfer from the contractor to the fee-paying party i.e. the recruiter or the company that directly engages the contractor. HMRC hopes that the IR35 reforms will stop contractors from deliberately misclassifying themselves in order to reduce their employment tax liabilities.

The idea for the introduction of the legislation dates back to 1999 with Chancellor Gordon Brown and Chancellor Philip Hammond introduced IR35 for public bodies using contractors from April 2017.

National Insurance

One of the potential problem areas for private sector companies revealed by the ContractorCalculator questionnaire, answered by some 12,000 contractors, is that some may be unlawfully deducting employers’ national insurance contributions (NICs) from their contractors’ pay.  This means that they are effectively imposing double taxation on these contractors.

Given that 42% of contractors said they weren’t aware that such deductions were unlawful, the survey appears to show that although these companies have been acting unlawfully, it is likely to be because they have simply misinterpreted the new tax reforms given the complicated nature of the IR35.

Tribunal Threat

The survey also showed that 58% of survey participants are classified as ‘inside’ IR35 (taxed in the same way as permanent employees) said that they would consider taking their client to an employment tribunal because, if they have to pay the same amount of tax as a permanent employee, they feel that they should receive the same benefits as permanent employees e.g. sick pay and a pension.

Contractor Loses Case

On this subject, there was news this week that an IT contractor who had worked through his limited company Northern Light Solutions for Nationwide for several years and been treated as outside IR35 has lost an appeal to HMRC against a £70,000 tax demand whereby HMRC had argued, successfully, that he should have been categorised as inside IR35.

What Does This Mean For Your Business?

When the IR35 tax reforms were first announced, many business owners thought that the reforms appeared to be very complex and that not enough had been done by the government to raise awareness of the changes and to educate businesses and contractors about the implications and responsibilities.  This survey appears to support this and shows that this lack of knowledge and awareness of IR35 by businesses could be leaving them open to the risk of legal action.  Contactors and the companies that use their services need to learn quickly about the dangers of hiring freelance workers long-term and companies that use freelancers need to conduct correct due diligence in order to ensure that the business relationship they have with them complies with IR35.

Facebook Sued Down-Under For £266bn Over Cambridge Analytica Data Sharing Scandal

Six years after the personal data of 87 million users was harvested and later shared without user consent with Cambridge Analytica, Australia’s privacy watchdog is suing Facebook for an incredible £266bn over the harvested data of its citizens.

What Happened?

From March 2014 to 2015 the ‘This Is Your Digital Life’ app, created by British academic, Aleksander Kogan and downloaded by 270,000 people which then provided access to their own and their friends’ personal data too, was able to harvest data from Facebook.

The harvested data was then shared with (sold to) data analytics company Cambridge Analytica, in order to build a software program that could predict and use personalised political adverts (political profiling) to influence choices at the ballot box in the last U.S. election, and for the Leave campaign in the UK Brexit referendum.

Australia

The lawsuit, brought by the Australian Information Commissioner against Facebook Inc alleges that, through the app, the personal and sensitive information of 311,127 Australian Facebook Users (Affected Australian Individuals) was disclosed and their privacy was interfered with.  Also, the lawsuit alleges that Facebook did not adequately inform those Australians of the manner in which their personal information would be disclosed, or that it could be disclosed to an app installed by a friend, but not installed by that individual.  Furthermore, the lawsuit alleges that Facebook failed to take reasonable steps to protect those individuals’ personal information from unauthorised disclosure.

In the lawsuit, the Australian Information Commissioner, therefore, alleges that the Australian Privacy Principle (APP) 6 has been breached (disclosing personal information for a purpose other than that for which it was collected), as has APP 11 (failing to take reasonable steps to protect the personal information from unauthorised disclosure).  Also, the Australian Information Commissioner alleges that these breaches are in contravention of section 13G of the Privacy Act 1988.

£266 Billion!

The massive potential fine of £266 billion has been arrived at by multiplying the maximum of $1,700,000 (£870,000) for each contravention of the Privacy Act by the 311,127 Australian Facebook Users (Affected Australian Individuals).

What Does This Mean For Your Business?

Back in July 2018, 16 months after the UK Information Commissioners Office (ICO) began its investigation into the Facebook’s sharing the personal details of users with political consulting firm Cambridge Analytica, the UK’s ICO announced that Facebook would be fined £500,000 for data breaches.  This Australian lawsuit, should it not go Facebook’s way, represents another in a series of such lawsuits over the same scandal, but the £266 billion figure would be a massive hit and would, for example, totally dwarf the biggest settlement to date against Facebook of $5 billion to the US Federal Trade Commission over privacy matters.  To put it in even greater perspective, an eye-watering potential fine of £266 billion would make the biggest GDPR fine to date of £183 million to British Airways look insignificant.

Clearly, this is another very serious case for Facebook to focus its attention on, but the whole matter highlights just how important data security and privacy matters are now taken and how they have been included in different national laws with very serious penalties for non-compliance attached. Facebook has tried hard since the scandal to introduce and publicise many new features and aspects of its service that could help to regain the trust of users in both its platform’s safeguarding of their details and in the area of stopping fake news from being distributed via its platform.  This announcement by the Australian Information Commissioner is, therefore, likely to be an extremely painful reminder of a regrettable and period in the tech giant’s history, not to mention it being a potential threat to Facebook.

For those whose data may have been disclosed, shared and used in a way that contravened Australia’s laws, they may be pleased that their country is taking such a strong stance in protecting their interests and this may send a very powerful message to other companies that store and manage the data of Australian citizens.

Coronavirus Outbreak: Remote Working For Staff

With the whole of Italy’s 60 million population in lockdown and other countries taking drastic measures to control the coronavirus outbreak, the tech-giant companies are now asking their employees to work remotely.

Google

Due to fears of COVID-19 spreading through large numbers of staff, Google had already announced last week that it was temporarily closing its office in Dublin and asking the 8,000 employees to work from home.  Google has more than 70 offices in 50 countries and back at the end of January, Google also temporarily closed its offices in mainland China, Hong Kong, and Taiwan when the outbreak was still mainly based in China.

Amazon

Amazon, which restricted all nonessential travel in the U.S for employees as of last month has, after an employee tested positive for coronavirus, asked workers from its Seattle and Bellevue, Washington, offices to work from home until the end of the month.

Facebook

In addition to cancelling its annual developer conference which was due to be held on May 5 and 6 in San Jose, California (which attracted 5,000 people last year), Facebook has closed its Seattle office and asked all 5,000 of the office’s employees to work from home until the end of the month. Facebook has also closed its three London offices after an employee was diagnosed with COVID-19 and all 3,000 employees from those offices have been asked to work from home.

Slack

After an employee of Slack returned from travel and was suspected to have contracted COVID-19 (which turned out not to be the case), Slack closed its offices in San Francisco at the end of last week and a deep clean of the premises took place at the weekend.  Meanwhile, employees were encouraged to work from home.

Others

Microsoft has advised its Seattle and San Francisco employees that they can work from home until March 25th, Twitter has encouraged its employees to work from home, and Apple CEO Tim Cook has encouraged employees at several global offices to “work remotely from March 9th to 13th”.

One piece of positive news for Apple, however, is that all but four of Apple’s stores in mainland China, which is a vital market for Apple, have now reopened after being closed there during the main coronavirus outbreak.

Musk Sceptical

Some scepticism about closures and reactions to the coronavirus outbreak has been expressed by Elon Musk who tweeted that the “coronavirus panic is dumb”, a tweet that was liked by around 2 million people.

Pay

In the UK last week, prime minister Boris Johnson announced in parliament that new rules will mean that statutory sick pay (SSP) will come into force on the first day of absence in order to make those who feel they may have the virus and want to self-isolate, by staying at home rather than coming into the office and potentially infecting others.

Tech Industry, Work From Home

On the plus side, the nature of many tech industry jobs means that working from home is perhaps more possible than for many other industries, and for the UK as a whole, a 2019 CIPD Job Quality Index survey reported that 54% of the UK’s workforce works flexibly.

What Does This Mean For Your Business?

For those businesses that can’t easily allow employees to work home e.g. manufacturing, bricks and mortar retail, construction, events and entertainment, transport and logistics etc, the threat of a shutdown of work for what could be an unspecified period creates a real threat to the life of the business. The situation also presents a threat to many small businesses, sole traders, and self-employed people who may not have resources to last-out ‘lockdowns’, self-isolating, disruptions and complications caused by the spread of the coronavirus.

For companies that are forced to close offices, they now need to make sure that relevant staff can access company systems and intranets remotely, and that they have VPNs installed.

This situation is also a reminder of how business continuity planning and disaster recovery plans should have disease epidemic and pandemic scenarios built-in to them for the future, and this situation is likely to expose what work needs to be done by many companies in this areas of planning.

Tech Tip – The 2nd Start Menu

In addition to the main Start menu that you can access by clicking on the Windows symbol (bottom left), Windows 10 has a 2nd start menu that gives you fast access to features like PowerShell, Device Manager, Task Manager and File Explorer.  Here’s how to launch it:

– Click on the Windows key + X or right-click on the Windows icon (bottom left).

– This will launch the 2nd Start menu.