Regarding the Internet security, can teleworking be carried out in optimal conditions?
Business interactions through digital media are not new and are not the prerogative of the pandemic – even if not at the same level and volume, they were done before (eg teleconferences with participants in various locations). A well-designed remote work platform automatically includes security measures, providing technical cryptographic mechanisms to encrypt the channel being discussed so as to ensure data confidentiality.
But because, in the context of the pandemic, the need to use these collaborative means of work has increased exponentially, more attention must be paid to the platform we want to work on – the market offers us multiple solutions but not all provide the same level of security. This is why is recommended to consult a specialist able to point out the risks of using the respective solution so that we can decide if it is the optimal one, related to the degree of confidentiality of the circulated data.
Lately, not only telework has developed, but also the volume of documents signed and transmitted electronically. Concerning the electronic signature, is this safe, can we be sure of the identity of the signatory?
Of course. In fact, part of the work carried out by employees (especially on the management side) involves the issuance of various internal documents that require signatures. The importance of this documents is increased because the external documents, which end up leaving the organization, are based on them.
Thus, a part of telework is defined by generating electronic documents (essential for business continuity), easy to transmit between various entities and roles inside or outside the company, assuming their responsibility through the electronic signature. From the security point of view, the electronic signature is distinguished by:
• authenticity – certifies the identity of the signatory, authenticates the origin of the document (who generated and assumes the document);
• integrity – ensures its integrity (it can be verified if changes have been made to the document after signing or we have the original form);
• non-repudiation – the signing of the document and its generation cannot be denied later.
Does any electronic signature provide the necessary security in the conduct of telework?
No, because there are many types of electronic signatures, ranging from those made simply in a Word document (which can be as easily forged as handwritten ones, not having the security of the signer's identity) to qualified electronic signatures that are the most secure, being defined by the elements mentioned above – authenticity, integrity and non-repudiation.
Qualified electronic signature based on a qualified certificate issued by a trusted service provider according to EU Regulation eIDAS no. 910/2004 guarantees that only the person in question signed the documents (with the possibility of verification), respectively the integrity of the document. It is based on encryption mechanisms, respectively a key that only the holder of the signature knows – the holder of the qualified electronic signature certificate.
Obviously, with the development of telework, we can talk about an increase in cyber security risks, but precisely for this reason it is recommended to use a qualified electronic signature to sign business documents in the case of remote work. Throughout its ease of use, the functionalities established by the technical mechanisms ensure a high degree of security.