Constantly changing conditions, new needs, the development of technology and increasing demands have led to the emergence of new forms of work provision. Among them, telecommuting occupies a primary position. This form of employment played an important role, especially during the pandemic period, with the PNP of 11/03/2020, as a measure to avoid the spread of COVID 19, its limitation and to ensure public health. Thus, if it is deemed necessary to impose extraordinary protection measures and for as long as their implementation lasts, the Legislature provides that the employer may, by his decision, determine that the work for part or all of the staff, when the nature allows of work, will be able to be carried out with the system of remote work (teleworking). In addition, however, teleworking can be considered as a new form of work that provides flexibility to both the employee and the employer while at the same time contributing to savings of energy but also of time. In our country teleworking or remote work is provided for in article 67 of Law 4808/2021.
Remote work (Teleworking): Remote work or telecommuting is the remote provision of the employee’s dependent work part-time, full-time, on a rotating basis or in another form of employment. Remote work (teleworking) is provided using ICT.
ICT (Information and Communication Technology): It is the set of technologies offered to the employees of MetalLogic, within the framework of the working relationship, to achieve the provision of their services outside the facilities.
The term information refers to the data transferred through technological means and includes texts, images, and sound.
B. Y. O. D. : Bring Your Own Device (Bring your own device) Describes the use of personal device equipment in a professional context, which is widely applied when providing remote work. This possibility is also provided by Law 4807/2021.
Purpose of the Policy
The purpose of this Policy is to define a management framework, according to which the security of the use of mobile devices and the security of information can be ensured in accordance with the standard of Information Security Management ISO 27001:2013. Due to the nature of MetalLogic’s activity, it is necessary for each employee who works remotely to comply with this policy. Adherence to this policy is intended to prevent the leakage of information that may concern customers or partners of the company and at the same time to protect the privacy of employees who work remotely. Telecommuting blurs the boundaries between home and work. The use of technology as a means of working from home also allows greater intrusion into private space and time resulting in questioning the protection of privacy, personal data, and the right to private life, which could have a negative impact on the balance between their professional and personal lives. For this reason, the application of the personal data protection rules is mandatory. Therefore, the purpose of the policy is to implement telecommuting in the appropriate way, both for the security of the information of the company and its customers, as well as for the employee himself and the protection of his personal life.
Field of application
The Policy on remote employment (teleworking) applies to those employees whose work position is offered for remote provision. This means that it could not be applied to all its employees, as the live presence of a large part of MetalLogic is necessary for the performance of their duties. In addition, remote work is implemented after a written agreement with the employer and if it is deemed necessary for reasons of illness of the employee, or for reasons of public health or safety or for reasons of convenience when the place of residence of the employee is at a great distance from the company facilities to save time and energy.
MetalLogic, realizing the damage that remote employment can cause to the security of information and the violation of the privacy of employees and by extension to the reliability and reputation of the company, adopts a specific policy for the management of remote work (teleworking).
Specifically, it adopts:
- Avoid storing passwords: caching should be avoided. However, if storage is deemed necessary, it should be ensured that the device is password protected.
- Protecting your telecommuting device: Your telecommuting device should be kept in a secure place when not in use to prevent theft.
- Enable all security updates for operating system, application security and anti-malware.
- In case the employee uses B.Y.O.D. during remote work, the company is not allowed to interfere with parts of his personal device which are presumed to be used only for private purposes. The ultimate purpose of implementing this policy is to distinguish personal from professional use of the device and to prevent the collection of data related to the family and private life of the employee. Indications during use B.Y.O.D., among others, the following must be observed: -physical or logical separation of the parts of the personal device from the part intended for professional use, -requirement to observe basic security measures, e.g.: anti-virus program, -inform and raise awareness of users/employees regarding the risks posed by improper use of the devices, -the prior approval of the MetalLogic Management for the use of personal equipment.
- Training and informing employees about the protection of personal data when using the devices in teleworking.