Stay-at-Home Data Breach Warning

John E. Kaye
- Published
- News, Technology

According to the International Association of IT Asset Managers (IAITAM), now that major parts of the world are under stay-at-home orders, unprepared corporations face a huge data control problem as they go into their first major billing cycle carried out by employees working at home.
Thousands of companies in the U.S are relying on employees untrained in doing their jobs from home and using untracked equipment on insecure Wi-Fi connections. Not only are these companies putting their own data at risk, but they are also exposing sensitive data about their clients. Less than two weeks ago, IAITAM issued a warning to organizations and government agencies, urging them to consider “nightmare data risks” before moving to work-from-home arrangements.
Dr. Barbara Rembiesa, president and CEO of IAITAM, said: “Many companies were caught unprepared when cities and states issued mandatory stay-at-home rules. Now, the rubber is going to meet the road when those companies, which are struggling not to be crippled by COVID-19, try to keep the cash flowing by having employees at home call or email for credit card information, print out invoices on untracked home computers and send them out on personal Wi-Fi networks. This opens up the potential for breaches and fraud on a scale never before seen.”
IAITAM is concerned that many employees will be ill-equipped on home computers and other BYOD (bring your own device) equipment to handle sensitive data such as credit card numbers, foreshadowing imminent breaches of personally identifiable information (PII). Ensuring that policies and procedures are in place and enforced (including on a remote basis) is imperative to protecting data and the integrity of an organization.
Billing information always contains PPI, which is subject to data privacy regulations. It is important to ensure that assets used at home are abiding by internal policies and external regulations that govern billing information. For instance, Payment Card Industry (PCI) Data Security Standard compliance dictates that companies cannot track credit card numbers or duplicate them without appropriate masking. Under these terms, printing an invoice or taking a credit card payment over the phone, and writing it down without redacting full account numbers, could be considered a data breach.
Industry regulations for sectors such as education, finance or healthcare have separate considerations. Additionally, all businesses that handle data from European citizens are subject to GDPR enforcementand hefty non-compliance fines. It is advisable to consult with an experienced IT Asset Management professional, who can appropriately determine which data regulatory guidelines are at work and how to apply them properly.
Rembiesa added: “It is no longer business as usual. ‘Stay-at-home’ orders ensure that secure payments and billing procedures are nearly impossible. Remote employees are not trained on data privacy regulation and risk exposing sensitive information to a data breach. Without proper IT Asset Management, there are major dangers that must be mitigated. It is not too late for CEOs and others in charge of companies to take steps to get these risks under control and to protect their data and that of their customers.”
For more information visit: www.iaitam.org.
For more Technology News follow The European Magazine.
Sign up to The European Newsletter
RECENT ARTICLES
-
UK organisations show rising net zero ambition despite financial pressures, new survey finds
-
HumanX to establish permanent European base with 2026 Amsterdam AI summit
-
Gulf ESG efforts fail to link profit with sustainability, study shows
-
Glastonbury and Coachella set the stage for $400bn music tourism growth
-
Geopolitical volatility enters global top ten business risks for first time, new survey finds
-
Redress and UN network call for fashion industry to meet sustainability goals
-
Dar Global unveils $1bn Trump Plaza Jeddah in second Saudi venture with Trump Organization
-
Investors eye UAE as Belt and Road real estate gateway for Asia
-
Mitsubishi Estate’s £800m South Bank scheme to deliver 4,000 jobs
-
Watch: driverless electric lorry makes history with world’s first border crossing
-
Bologna sets pace in Europe’s tech race with record investor–founder meetings
-
Family-owned firms resist board diversity gains despite gender quotas, study finds
-
UK start-up founders defy stereotypes with corporate roots and regional spread
-
London Law Expo 2025 to tackle leadership, AI and integrity in the legal sector
-
Sustainability skills surge in European boardrooms, EY finds
-
UK and U.S unveil landmark tech pact with £250bn investment surge
-
International Cyber Expo to return to London with global focus on digital security
-
Cybersecurity talent crunch drives double-digit pay rises as UK firms count cost of breaches
-
Trinity Business School strengthens standing in global MBA rankings
-
UK backs satellite-AI projects to tackle climate and transport challenges
-
Investors with €39bn AUM gather in Bologna to back Italy’s next tech leaders
-
Miliband: 'Great British Energy will be self-financing by 2030'
-
First dedicated civils trade show in UK for 20 years announced for ExCeL London
-
Axians and Nokia expand partnership to strengthen communications infrastructure across EMEA
-
Google commits £5bn to UK in major AI and research expansion