We published a post about the SHIELD Act at the beginning of this year and had no idea the level of significance it would hold in our “new normal.” The act, signed by Andrew Cuomo in the summer of 2019, demands compliance from “any person or entity with the private information of a New York resident” and may businesses that were in compliance with the act now face an uncertain future. Will they return to a traditional office space or will their workforces continue working from home indefinitely – or will it be a combination of the two? What do the changes businesses have undergone since the beginning of the year mean for cybersecurity and SHIELD Act compliance?
What does the SHIELD Act entail?
The SHIELD act went into effect in March of 2020 and mandates that businesses operating in New York, whether or not they are based in New York, update and expand their definitions of private information, broaden what kind of breach requires notification, and enhance protections to meet new cybersecurity standards. If companies fail to meet the more rigorous cybersecurity standards laid out by the SHIELD Act, they expose themselves to a $5000 dollar fine. If an actual data breach occurs and the business did not take the steps to become SHIELD compliant, they risk potentially irreversible damage to their reputations and legal repercussions.
Remote Workforces and Increased Security Concerns
Remote workforces place profoundly different demands on a business’s technology and cybersecurity needs. The attack surface, points where an unauthorized user can try to gain access to a business’s resources, is much larger and varied than traditional work models. In a traditional office, a firewall guards the perimeter of your network – and in the case of a remote workforce, that perimeter no longer exists. The lack of this perimeter can lead to poor alignment with security best practices, allow for the inclusion of elements of Shadow IT, and greatly reduce a business’s overall security posture.
What is a Hybrid Workforce?
As we continue to adjust to this new normal, we look ahead and consider what the future holds. Will we continue to meet over collaboration platforms like Teams and Zoom, or will there be a time when, with the proper precautions, we can meet in person to conduct business? Valiant sees a hybrid workforce on the horizon – and one that comes with many benefits to businesses. We will still have our physical office spaces, but employees will be more empowered than ever to perform their jobs at home. Deploying virtual desktops, a key tool for the hybrid workforce can increase flexibility, remote security, and seamless collaboration.
What do we do about the SHIELD Act?
Complying with the SHIELD Act will eliminate many of the concerns laid out in this post. It’s also a requirement for doing business in New York. Businesses will be more secure as a result of compliance, and in the event that they do experience a data breach, they will be protected by the law and can confidently tell their clients they took every possible measure to protect their data. If the first half of 2020 has taught us anything, it’s that we never know exactly what’s coming. If you fail to prepare you only prepare to fail.
If you any questions about our services and how we can help you maintain SHIELD Act compliance, please feel free to reach out to us.