According to the article at SecurityPark.net, a SonicWALL survey shows that more and more business leaders and managers are getting comfortable with the idea of remote working.
The reasons for this increasing positive attitude seem to be heavily geared towards employee motivation and the cost of doing business (the savings on office space! What a deal!) There are concerns as well, however, such as the impact on employee productivity and building strong teams.
But the one concern that has surged to the top of the list is security. No doubt, the unending reports of security breaches reported in the media are making business leaders sit up and take notice. Not only does it seem that one wakes up to a report of a new security breach each day, but the level of actual and potential damages—to the business and customers—seem to grow each time.
Despite the increase of awareness in the need for security, it looks like the implementation of security policies and procedures is still at a standstill for most businesses. This is a dangerous development. A growing mobile workforce with non-secure devices just increases the chances of security breaches. Lost laptops and hand-held devices with customer’ private data seem to be in the news every week. I’ve even read of instances of laptops being stolen at gun-point. And what about burglarized homes? The fact you’re using a desktop (and hence not a mobile computer) won’t help you in this instance. Anything not bolted down is technically mobile.
There is no mention why businesses are delaying the implementation of the necessary security measures. Which is weird at best and irresponsible at worst, since theft and accidents cannot be foreseen by the victims, and businesses certainly cannot include them into their annual business plans and budgets (this is such a silly thing to point out). And, it will happen. It’s a matter of when, not if or maybe.
However, it seems that most businesses operate as if this can’t happen to them. Or perhaps they’re under the impression that the username and password that they provide when their computers boot-up is enough protection (for those who aren’t aware, it’s not. It can easily be overridden). Encryption services provided by AlertBoot would help to increase the security of devices outside of the workplace.
Businesses should also be afraid of internal attacks as well. The instances of data theft by employees are growing, either because they think they won’t get caught or because they have an axe to grind. Just hook up an iPod to the computer at work, and—presto!—you can copy sensitive files off the machine.
Device encryption and application controls should be a basic requirement for businesses with a mobile workforce, especially if they’re equipping their employees with company-issued equipment. By device encryption, I mean more specifically hard drive encryption. This way, the contents of your computer cannot be easily accessed. Port control, also offered by AlertBoot, allows you to specify which devices can be connected to computers. The iPod I mentioned above? Place it on a blacklist of unapproved devices, and it won’t be able to connect to your computer.