The move toward telecommuting and satellite office spaces, combined with advances in mobile technology, are placing additional strain on the IT capabilities of small to mid-sized businesses.
When an organization moves from a single office environment to a more distributed workforce organizational structure -- whether employees are working at home, in another office, or on the road -- information security should be a primary concern. But, too often, IT security issues are not given the priority they deserve because companies are focused on overcoming other logistical problems.
Companies with a distributed workforce have to take data security seriously. Once employees are operating outside of a central office, the security environment has immediately changed in several critical ways:
• Remote employees need access to core business applications and databases
• Sensitive data must now travel across outside of the company's network
• Ensuring the security of hardware becomes more difficult
The need for a comprehensive data security plan increases dramatically when you have valuable and confidential information traveling outside of your company's secure digital perimeter.
3 reasons why mobile users are considered a weak link in cyber security
1. Unsecure internet connections: Most companies require remote workers to log in to a Virtual Private Network but out of convenience many remote employees may use their own internet connection or a public Wi-Fi connection. Using an unsecure internet connection increases the potential for data leaks.
Educate employees on the fact that public Wi-Fi is NEVER a secure connection. They must avoid accessing sensitive company accounts and personal data while on a public Wi-Fi. Many hackers setup fake Wi-Fi accounts that mimic the names of frequented locations hoping to steal sensitive data and passwords from unknowing users.
2. Lost devices: One of the leading and most common causes of company data breaches are lost or stolen employee mobile devices.
Create a risk management plan for mobile devices such as laptops, tablets and mobile phones. It is essential for these devices to utilize encryption software as well as software that allows you to track the device and remotely delete data.
3. Vulnerability: Employees using mobile devices to connect to your network that have out-of-date software, browsers, plugins as well as unpatched systems create an entry point for cybercriminals to access your company's network and data.
At a minimum these devices should be properly protected with secured strong passwords, encryption software, anti-virus, anti-malware and kept up to date on all software security patches.
Implementing a centralized data security plan is essential, but it must take into consideration the many and varied ways departments and individuals within a company actually go about doing their jobs day-to-day. There is not a "one size fits all" solution.
It's a challenging process, but not one that companies need to face alone. Working with an IT partner that understands the challenges faced by growing businesses, companies cannot only ensure that data is more secure, but also develop IT capabilities that provide more cost-effective and efficient results for employees and clients.
By taking a holistic approach and creating a well-researched strategic plan, companies expanding into more distributed working patterns can ensure data security doesn't suffer while their business grows.
• Robert Zehnder is president of Hodgson Consulting & Solutions. To learn more go to www.hodgsonconsulting.com