Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

3/19/2021
08:20 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Forrester: Despite COVID-19 Vaccine Deployment Underway, Employers Must Exercise Caution as They Plan to Reopen Physical Offices

CAMBRIDGE, Mass., March 18, 2021 — As COVID-19 vaccine deployment and mass vaccination programs get underway, employers are at a new decision point: how to accelerate the “back to normal” without overstepping their bounds. According to Forrester (Nasdaq: FORR), 40% of European and 30% of US employees are ready to return to the office, requiring employers to prepare for an array of new privacy, ethical, legal, and compliance challenges as they plan to leverage vaccine and immunization passports to return employees to the workplace. 

From doubts about vaccines’ effectiveness to significant country-by-country variation in administration priorities, employers need to be cautious as they define their pandemic management plans. In its new report, "The Opportunity, The Unknowns, And The Risks Of Vaccine Passports In The Workplace," Forrester identifies several risks that employers must address if deploying vaccine passports — a digital document that provides evidence of an individual’s immunization status — to inform their return-to-work strategies. Risk exposure includes sensitive data mishandling, discrimination, labor union mobilization, diminished cybersecurity, and negative impact on the customer experience. 

Key highlights from the reports include: 

  • Vaccines are not a silver bullet. Factors ranging from global vaccine strategies to early-stage understanding of the virus, its variants, and efficacy of the vaccine mean employers must plan to continue anywhere-work policies and hybrid experiences to balance convenience with well-being. 
     
  • Avoid the privacy and ethical pitfalls of a “no jab, no job” policy. Forty percent of European and 30% of US employees are ready to return to the office, but asking employees to carry proof of inoculation with them to enter the workplace introduces privacy and ethics risks. 
     
  • Follow principles of proportionality, fairness, and transparency. Employers should collect only the minimum amount of data needed to trigger specific policies. They should encrypt medical data and enforce strict access, sharing, and deletion policies to ensure fairness and protection. 
  • Employers must navigate compliance and legal risks. In the US, the Equal Employment Opportunity Commission (EEOC) agreed that employers can make the vaccine mandatory for employees, but several state legislatures have challenged the legality of such a requirement. In the EU and UK, each country has its own approach. 
  • Be mindful of customer experience and perceptions. Relaxing protocols for distancing, sanitization, and mask wearing in customer-facing interactions risks a negative impact on how customers perceive a brand and their willingness to do business with the organization. 

“While COVID-19 is loosening its grip, it’s not going away,” said Enza Iannopollo, senior analyst at Forrester. “Vaccine passports don’t offer the silver-bullet solution that many might hope for easing pandemic protocols and restrictions, and businesses should be planning for life with COVID in the medium to long term. Our overarching message to organizations everywhere is one of caution. With the right planning and consideration, the return to work will be smoother and more successful for all involved.” 

Related Resources: 

About Forrester  

Forrester (Nasdaq: FORR) is one of the most influential research and advisory firms in the world. We help leaders across technology, marketing, customer experience, product, and sales functions use customer obsession to accelerate growth. Through Forrester’s proprietary research, consulting, and events, leaders from around the globe are empowered to be bold at work — to navigate change and put their customers at the center of their leadership, strategy, and operations. Our unique insights are grounded in annual surveys of more than 675,000 consumers, business leaders, and technology leaders worldwide; rigorous and objective research methodologies, including Forrester Wave™ evaluations; over 45 million real-time feedback votes; and the shared wisdom of our clients. To learn more, visit Forrester.com.  

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27394
PUBLISHED: 2021-04-16
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions < V8.17.0), Mendix Applications using Mendix 8 (V8.12) (All versions < V8.12.5), Mendix Applications using Mendix 8 (V8.6) (All versions <...
CVE-2020-9667
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to to plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.
CVE-2020-9668
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user.
CVE-2020-9681
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to rewrite the file of the administrator, which may lead to elevated permissions. Exploitation of this issue requires user interaction.
CVE-2021-26830
PUBLISHED: 2021-04-16
SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the `ID` input field of ajax.php in the `Pugin library - delete` module.