Information Security Stats Show that the Remote Workplace Comes with Risks
Is your organization ready for all the security challenges of the remote workplace?
IDC research has shown that the remote workforce will expand to 105 million workers in the U.S. by 2020. While employees will have work flexibility and organizations will have lower overheads, one of the biggest challenges will be information security, according to Shred-it’s 2016 State of the Industry Report.
The report, which draws information security data from the 2016 Information Security Tracker research by Ipsos, warns that many organizations are not prepared. For example, only 31% of C-suites and 32% of small businesses (SBSs) have an information security policy that addresses off-site and flexible work environments.
Here are key aspects of the remote workplace – and safeguards that will reduce the risk of a data breach.
Tools: Mobile technology is at the heart of the remote workplace. Instead of having a land-line and a desktop in an office, employees in the remote workplace use laptops, USBs and smart phones (their own devices or devices provided through the company). An organization’s ability to effectively manage byod security risks and other risks is critical. Employees require training on how to manage and protect mobile tools. For example, never leave devices in vehicles, hotels, restaurants, etc. Proper procedures outside the office must be incorporated into an organization’s overall approach to information security.
Location: Employees in the remote workplace do their jobs from home, their car, and from public spaces such as coffee shops, airplanes, and taxis. Organizations must implement strict policies requiring employees to protect confidential information in paper or digital form in any location. Spotlight visual hacking risks, and provide privacy screens for laptops and other mobile devices. Issue blocking sleeves to protect credit cards and ID too.
Information handling: Limit confidential information that is physically removed from the office. If possible, use cloud storage to access information from a remote workplace. Otherwise, use encryption for files and electronic devices such as phones and hard drives. Make it policy that all confidential information (for example, boarding passes, printed materials, etc.) is securely shred. Whether in paper or digital form, it should be brought to the workplace for proper disposal and destruction.
Connectivity: Employees need to be connected. Implement a policy to never use public Wi-Fi for sensitive work information – connect only to trusted networks. Provide guidelines about social media security too. Sharing information on Facebook and other sites can increase the risk of confidential information getting into the wrong hands.
Hardware management: According to the State of the Industry Report, there should be protocols that govern how legacy electronic hardware is handled. Rather than stockpile old equipment, securely destroy it. The report’s information security stats showed that 47% of large businesses use a professional destruction service to dispose of obsolete electronic devices; 76% dispose of hard drives, USBs and other electronic devices every two to three months or more.
The 2016 Shred-it Security Tracker shows security awareness training is one of the most important safeguards for any organization – to inform employees about best practices whether work is done in a remote workplace or not.