How to Avoid the Biggest Security Risks of Remote Working
How many of your employees work outside of the office?
Market intelligence firm Strategic Analytics has forecasted that the global mobile workforce will reach 1.75 billion and account for 42% of the workforce by 2020. Add part-time work – Citrix data shows that globally, 61% of workers now do their jobs outside the office at least part of the time – and the numbers skyrocket even more!
But while device design and pricing are expected to improve and fuel this trend, there are still lots of concerns about overall remote working and BYOD security.
In fact, off-site employees with multiple mobile devices were seen as one of the biggest security threats in Ponemon’s 2015 State of Endpoint Report: User Centric Risk study. An endpoint includes servers, desktops, laptops, smart phones and other devices.
What are the biggest security risks of remote working?
Unsecure and public Wi-Fi connections
Wi-Fi connections (in business lounges, on trains, in coffee shops, etc.), can lead to data breaches. But the use of unsecure Wi-Fi has more than doubled since 2013, according to the Endpoint Report. Recommendations: Never use public Wi-Fi for sensitive information. Only connect to trusted networks.
Stolen or lost laptops are one of the most common – and costly – business security incidents. A survey in the U.K. and Germany by information security firm Imation showed that nearly 2 of 5 respondents knew of lost or stolen devices in public places – and 75% of these devices contained work-related data. Recommendations: Securing a laptop or other device means never leaving it unattended in a public place, car, or hotel room. When removing information from the workplace, encrypt files.
Visual hacking of information on mobile devices can occur almost anywhere. Recommendations: Ensure the device screen is not visible to others (and avoid displaying confidential information) in a public place.
More than 75% of Endpoint Report respondents called out negligent employees who do not follow security policies. In the Imation survey, employees took confidential information out of the office without the knowledge of their employer. Recommendations: Include Remote Working best practices in your organization’s Information Security Policy. Provide on-going security awareness and compliance training.
Unsecured Mobile Apps
In Cisco research, 70% of IT professionals believe the use of unauthorized programs lead to at least 50% of their companies' data loss incidents. Recommendations: Include a list of approved apps for BYOD security. Check that app makers have addressed security.
Improper disposal of confidential information
It can be difficult to ensure that mobile employees are following the rules. For example, when mobile devices are no longer needed they may be stockpiled at home; or confidential documents may be tossed into the garbage. Recommendations: Highlight information security for remote workers in your organization’s security policy and training.Ensure that obsolete mobile devices are properly disposed of (ex. physical hard drive destruction). Partner with a reliable document destruction company, and direct employees to bring all paper documents and e-media and hard drives to the workplace for proper disposal and destruction.
Today, organizations must stay on top of information security best practices, like BYOD security, whether employees are doing their job in or outside of the office.