Our global pages
Close- Global home
- About us
- Global services/practices
- Industries/sectors
- Our people
- Events/webinars
- News and articles
- Eversheds Sutherland (International) Press Hub
- Eversheds Sutherland (US) Press Hub
- News and articles: choose a location
- Careers
- Careers with Eversheds Sutherland
- Careers: choose a location
Coronavirus – Remote working security – France
- France
- Coronavirus
- Coronavirus - Country overview
- Coronavirus - Workforce issues
08-04-2020
On 1 April 2020, and in the context of the COVID-19 crisis, the French Data Protection Authority (CNIL) has issued guidelines on remote working, to guarantee the security of information systems and of the data processed.
Remote working during coronavirus: best practices for employers in France
The CNIL recommends that employers have a remote working IT charter in place, or at least a set of minimum rules that the employees must abide by when working remotely.
If the existing rules should be modified to allow remote working, the employer should conduct a risk assessment and implement appropriate mitigation measures to lower any potential risk.
In addition, all of the employees work stations should be equipped with, at least, a firewall, an antivirus and tool blocking malicious sites. Where possible, a VPN should be used, with a two-factor authentication mechanism.
Where companies services are delivered on the internet, the CNIL further recommends using protocols ensuring the confidentiality and the authentication of the receiving servers, such as HTTPS for websites and SFTP for file transfers.
Equipment and software used should be protected against the latest software vulnerabilities. The CNIL recommends to visit the CERT-FR (Computer Emergency Response Team) website, which gives regular updates on the latest software vulnerabilities (site is available here).
In addition, a two-factor authentication mechanisms should be used, logs of access should regularly be verified in order to detect suspicious behaviour, and unsecure server interfaces should not be made directly accessible.
Remote working during coronavirus: best practices for employees in France
Employees should follow their employer’s instructions at all times, and strictly apply the IT charter that is in place.
In addition, where using their home Wi-Fi, employees should turn off the WPS function and activate an encryption system (WPA2 or WPA3) with a robust password. The WPS function should be deactivated and the guest Wi-Fi deleted.
Employees should use the device and the VPN provided by their employer. If they are working with their own device, employees should make sure that it is sufficiently secured, particularly by installing a firewall and antivirus protection. Only applications authorized by the employer should be installed on the device.
Finally, employees should not transmit confidential data through consumer services unless such data is encrypted, and be vigilant to phishing attempts which are particularly high in this pandemic context.
Contact and employment lawyer in France today
This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full terms and conditions on our website.
- New UAE Agency Law
- Government consults on draft Code of Practice on “fire and rehire”
- ESMA confirms changes to notification letters for cross-border UCITS and AIFs
- The Building Safety Act - an upset to the concept of “developer release”?
- MoHRE extends grace period in which to move to fixed term contracts in the UAE to 31 December 2023