While many businesses are returning to the office, some are offering hybrid work environments or allowing some employees to continue to work from home. Hopefully the security of your remote workforce has been considered during the pandemic. As you return to your “new normal”, it is a good time to reassess your security checklist. Items that may have seemed acceptable for a short-term timeframe should not be allowed any longer.
Data security may be the single biggest concern you have to address when looking at a remote workforce. When your employees are working in your offices, you control their methods of access to company data. For example, when they are on-site, they access through a network you have secured. They visit via tablets, PCs and mobile devices that your IT department maintains. In other words, you have much greater control over data security. Once access goes remote, data security becomes a bigger challenge.
Here are just three examples.
1) Employee knowledge of the potential risks to your data may be limited. Employees aren’t trained as experts in data security and are probably unaware of the many ways data may be compromised. As a result, when left on their own, they may be far more likely to inadvertently take actions that compromise your data or create vulnerabilities that would not be possible when on-site. As a result, you will have to provide ongoing training to everyone about the potential risks to company data and their responsibility to maintain secure behaviors.
2) IT has greater challenges overseeing security. Your IT department has a serious challenge in keeping up with data security. That challenge grows exponentially as your workers disperse to remote locations where IT has considerably less control over access tools and network connections. It is also much harder for them to update tablets, PCs, mobile devices, etc. with the latest software and security updates when that hardware is located who knows where. Again, this means pushing responsibility for upgrades and security patches onto individual remote employees.
Companies that were designed around the model of onsite employees accepted as a “normal” a paradigm of centralized control over the IT infrastructure by the IT department. With remote workers, however, the IT infrastructure and its oversight become decentralized. IT management suddenly becomes even more complex, requiring far more planning and careful design than ever. With WFH there are far more moving parts.
3) The BYOD problem – BYOD–Bring your own device–is just an extension of the above two points. Once you allow employees to use their own devices for work, that makes decentralized IT support even more difficult. Not only does IT have to support devices remotely, they also have a wider range of devices to support. Handling this involves a calculus of interests you will have to weigh against each other. BYOD can save you equipment costs. It is also generally popular among employees. Working from home increases your IT oversight costs and increases data security concerns. It is an issue that you have to consider when evaluating work from home policies.
If you have questions about your remote workforce systems and security, please reach out. We would be happy to evaluate your setup.