Data risk management is constantly changing and companies need to update their approach in line with these changes.  In the new era of COVID-19, an increasing number of staff are now working from home (WFH), which probably will persist as companies realize the financial and health benefits of working remotely.  


An increase of WFH individuals changes the nature, scope, and context of technology involved with processing operations.  For example:


  • Employees use new connectivity and communication capabilities; 

  • sharing accommodation when WFH introduces a new and more widespread social mix; and

  • WFH creates more relaxed working conditions as exposure to office policies and practices is reduced.  


This new organizational and technical topology brings with it increased risk to data -- both commercial and personal -- including an increased likelihood of 


  1. Unauthorised disclosure while teleconferencing and using social media; or unlawful access due to unsecured devices, leading to "confidentiality" breaches; 

  2. Disregarding now-less-evident office policies, leading to "integrity" breaches; and 

  3. Ransomware viruses being spread over home WiFi networks, leading to "availability" breaches.