Site icon Rescue a CEO

3 Threats to Your Remote Workers’ Data

It’s common now for employees to work remotely – so much so that many of the traditional workplace operations have been altered, seemingly forever. Now, most teams converse through Slack, Microsoft Teams or other real-time chat and collaborating applications. Skype, Google Meet or FaceTime are used for meetings, and people work on documents simultaneously via Google Docs or Office 365. Instead of walking by your coworker’s cubicle, you need to check his online status.

Just look at the numbers to see how these operational changes have taken place across the corporate landscape: Fifty-two percent of global employees now work remotely at least one day per week and 85 percent of U.S. companies allow workers to be remote, according to Owl Labs’ 2018 Global State of Remote Work.

It is not surprising that younger workers, as part of a generational shift that thrives on independence and flexibility in their employment situation, desire to work on their own terms. But the result is that companies are being forced to change their policies so that all employees can take advantage of working remotely. Even for senior employees, who have traditionally commuted to work, this is a boon, because it allows for greater work-life harmony, with more time spent with family or on personal endeavors, and an easier transition out of the office in the years leading up to retirement.

This trend helps the bottom line, especially for startups and businesses that require skilled workers who may not be locally available. Companies can save money on real estate by having smaller offices in some cities that result in lower lease costs, or by outsourcing to collaborative workspaces like WeWork. Some managers are even offering remote working as part of the hiring incentive package along with other HR benefits.

Even a Stanford professor found, as reported by Inc.com, that remote workers are more efficient, are more engaged and reported higher job satisfaction.

Of course, as remote working brings benefits to businesses, it also brings risks – specifically, risks to corporate data management. Those risks can be mitigated by stronger IT security policies and practices and by a strong emphasis on cyber security employee awareness and education. Below are three important – but by no means exhaustive – areas to consider to better protect your corporate data:

  1. Open and Public Wi-Fi Networks

Remote employees enjoy the flexibility of working from many different geographies and locations – including away from a home office. They may be on laptops in cafés, in a coworking space, on buses, trains and even at the beach or a wilderness campsite. Because of this flexibility in location, remote workers are constantly accessing corporate resources via public networks where security has not been vetted, and thus should not be trusted.

To protect the organization, there are several precautions that should be taken to ensure that corporate data stays safe even when using a public network (e.g., public Wi-Fi or a community tethering device):

 

  1. Single Device for Both Work and Personal Use

 Few people are willing to lug two laptops or phones so they can use one for work and the other for personal needs. That means employees are mixing the use of their devices, so company and personal email, photos, app content and calls (e.g., Skype or FaceTime) are managed on the same device. The convenience of using a single device for both work and personal needs is too great for the trend to be fleeting and for workers to revert to using two or more separate devices. And in general, this instant access has enhanced the workplace, vastly increasing efficiencies and allowing coworkers to stay in contact whenever necessary. So it behooves companies to find ways to allow the use of a single device.

However, that means that when employees go to personal events such as concerts or weekend road trips, company data also goes along. If company data is in locations and situations where it is unprotected, that data is ripe for access by bad actors – especially if stored on a personal device, which would likely have less security measures enabled than a company-issued device.

To balance the convenience of using a single device for personal and professional needs, companies can rely on mobile device management (MDM) solutions. Modern MDM platforms and software protocols, such as Microsoft InTune and EAS respectfully, can help safeguard employee devices and protect against data loss. Those MDM solutions should consider the following:

 

  1. Employee Education

The best defense against malicious attacks and data loss is an educated workforce. Thus, all employees, regardless of position or level of responsibility at the company should be trained on safe cybersecurity practices. Employees should be able to recognize suspicious activity and alert someone who can handle the threat. Training should be part of the new employee onboarding process and repeated at least yearly. Plus, information about system vulnerabilities or other areas of security concern should be distributed to your team as soon as they become known.

A strong corporate information security program should encompass:

Companies may very well find themselves needing to adjust quickly to the remote worker phenomenon, and stronger security measures and employee education will help ensure both individual and company data stay safe.

 Alon Israely, Esq., CISSP, has been a part of the founding of several successful companies in the legal technology space including the premier services firm, BIA and most recently as a co-founder and CEO of TotalDiscovery, an industry-leading SaaS application for managing legal holds and discovery obligations. Today, Alon works with BIA and other legal services companies to consult with corporations and law firms on critical issues related to information security and data privacy. With over 20 years of experience in a variety of advanced computing-related technologies and areas, and as a member of the Sedona Conference and several digital forensics organizations, Alon stays on the cutting edge of new technologies and helps continue to lead the industry in driving secure, legally defensible methods and practices used by enterprises and the government to securely manage the complex requirements of document preservation and discovery.

 

Exit mobile version