Skip to content
Law Society of Scotland
Search
Find a Solicitor
Contact us
About us
Sign in
Search
Find a Solicitor
Contact us
About us
Sign in
  • For members

    • For members

    • CPD & Training

    • Membership and fees

    • Rules and guidance

    • Regulation and compliance

    • Journal

    • Business support

    • Career growth

    • Member benefits

    • Professional support

    • Lawscot Wellbeing

    • Lawscot Sustainability

  • News and events

    • News and events

    • Law Society news

    • Blogs & opinions

    • CPD & Training

    • Events

  • Qualifying and education

    • Qualifying and education

    • Qualifying as a Scottish solicitor

    • Career support and advice

    • Our work with schools

    • Lawscot Foundation

    • Funding your education

    • Social mobility

  • Research and policy

    • Research and policy

    • Research

    • Influencing the law and policy

    • Equality and diversity

    • Our international work

    • Legal Services Review

    • Meet the Policy team

  • For the public

    • For the public

    • What solicitors can do for you

    • Making a complaint

    • Client protection

    • Find a Solicitor

    • Frequently asked questions

    • Your Scottish solicitor

  • About us

    • About us

    • Contact us

    • Who we are

    • Our strategy, reports and plans

    • Help and advice

    • Our standards

    • Work with us

    • Our logo and branding

    • Equality and diversity

  1. Home
  2. News and events
  3. Blogs & opinions
  4. Maintaining compliance through unusual times

Maintaining compliance through unusual times

16th October 2020 | Business support

Recent announcements from the UK and Scottish Governments mean a return to traditional office work is still on hold for most of us. This article, which is the first in a series of collaborative content from ScotlandIS Cyber and Data Clusters, FinTech Scotland and LawscotTech, considers how working from home can impact on employees’ attitudes towards diligence and how companies can encourage a compliance-driven culture in a remote setting.

As we have now passed the six-month mark since lockdown officially began, for many companies and individuals the impact of continuing to run their business remotely is starting to take its toll; whether it is maintaining the team bond or the company culture, supporting their staff as they return from furlough or perhaps having to deal with the difficult situation of downsizing and letting people go.

It is very easy during these emotional, frustrating and sometimes isolating times to let ourselves become distracted and for bad habits to kick in – are you downloading that file which you shouldn’t be or clicking on an unknown link on your work laptop?

Many employees are probably also still in the mindset of the current situation being temporary and that it will end, which can also result in not have the right outlook and attitude when it comes to working from home processes and policies. It is very hard as individuals to always be as diligent as our companies need us to be, especially when working in our home environment.

Even when offices do start to open up, we will no doubt be working in a hybrid model for quite some time and for many companies that will remain the mode of operation. These more flexible ways of working can bring benefits for both companies and employees in the long run, saving costs on office space, reducing commuting time etc. For these new models to work without exposing businesses to risks it is essential that companies help their staff maintain good working habits to ensure compliance.

Companies should have clear working from home policies and procedures which help employees to understand the differences between operating in an office and working from home. Examples of such guidelines include:

  • Keeping separate work and personal accounts for videocalls and other digital exchanges and not start to merge or mix these two domains
  • Policies for bringing devices between the office and home
  • Procedures for updating anti-virus protection and ensuring work is backed up regularly

As well as having guidance and clear policies, companies also need to ensure that any new tools and processes have been factored into their current certifications and compliance frameworks such as Cyber Essentials and GDPR.

Companies should already have a robust data classification system, but guidance may need to be updated as to how different classes should be handled in a home environment particularly with others in the household.

Businesses should also run company-wide regular security awareness training focusing on risks of everyday situations such as password security, phishing emails and protecting sensitive information. A number of security providers offer programmes of videos and scenarios to help engage employees to shift culture and reduce the risk of human error. It is also hugely important for companies to respond to such errors in a compassionate and supportive way and not lay the blame on the individual – encouraging staff to be open about mistakes they may have made, rather than hiding them.

With October being cyber security month, now is as good a time as any to re-think your approach to maintaining compliance for the long term in whatever mode of operation your find your business to be in.

Useful links:

  • NCSC guidance – 10 steps to security
  • Scottish Government Cyber Scotland bulletin
  • Find a local cyber security company on the Cyber Directory or data company on the Data Directory
  • Law Society of Scotland's Cyber security guide

If you are interested in knowing more about the collaboration between ScotlandIS Cyber and Data Clusters, FinTech Scotland and LawscotTech or about any of these individual organisations please get in touch with Charlotta Cederqvist

 

Add To Favorites

Additional

Mitigo

Mitigo offers solutions to keep your company cyber secure and GDPR security compliant

Read more about Mitigo
Law Society of Scotland
Atria One, 144 Morrison Street
Edinburgh
EH3 8EX
If you’re looking for a solicitor, visit FindaSolicitor.scot
T: +44(0) 131 226 7411
E: lawscot@lawscot.org.uk
About us
  • Contact us
  • Who we are
  • Strategy reports plans
  • Help and advice
  • Our standards
  • Work with us
Useful links
  • Find a Solicitor
  • Sign in
  • CPD & Training
  • Rules and guidance
  • Website terms and conditions
Law Society of Scotland | © 2025
Made by Gecko Agency Limited