A fresh piece of research has pointed to the dangers of having staff members working away from the office on mobile devices, in terms of not having the correct policies in place to ensure the security of a business.
Shred-it conducted a survey of US-based small business owners and C-level executives in larger firms, finding that in the case of the former, 58% of SMBs have at least some employees working flexibly and away from the office at times.
However, the vast majority of these, 68% of small business owners, have failed to implement an information security policy for off-site work environments and flexible working. Thus these mobile workers could be putting crucial company data at risk when they’re working from a remote location.
Larger businesses were actually worse, although only a tad at 69% of C-level executive respondents indicating that their firm doesn’t have such a policy in place. And of course these organisations are much more likely to have staff working out of the office, with 92% of them having at least some employees working off-site.
Mobile madness
It’s not a very pretty picture for SMBs or bigger businesses, then, and things could get considerably uglier with more and more staff working flexibly in the future. The report noted that it’s estimated that there will be 105 million mobile workers in the US by the year 2020, and of course the UK is likely to follow a similar pattern.
All businesses should have policy points in place for mobile workers, and Shred-It outlines some simple guidelines including advising employees not to leave devices lying around in public places or vehicles, and to ensure devices are password protected and that data is encrypted. Companies should also place limits on the type of documents and files which can be taken away from the office on a mobile device.
Obsolete hard drives should also be securely destroyed, and the survey found that only 37% of SMBs wipe their own hardware in-house (if you’re sending hard disks away to be wiped, there’s always a chance precious data could fall into the wrong hands).
Source: techradar.com
Top Brands
While I am very security minded, I find this article, and perhaps the survey behind it (haven't read it) to be somewhat misleading. This is suggesting that these businesses are in terrible peril purely because they "… have failed to implement an information security policy for off-site work environments…", which they are not.
Before crying wolf, you have to take common sense and modern habits into consideration. I have had clientèle that have terrible passwords, like "password1" or "computer", but most don't, and many companies and softwares don't allow this anymore. With the advent of convenient and accurate fingerprint readers, more smartphones are becoming more conveniently secure as well.
Further, the pressure on smartphone, PC, and software providers to increase security in their product is incredible. At this point, not being secure is an active choice many people are making, and less a fault of whatever system they are using. You don't tell people your PIN or drink and drive. Make the smart choice.
I work almost exclusively in the field, and I can tell you honestly that my employer does not have a set in stone digital security policy. That's because we use common sense. So, if you really need them (and you probably don't if you're reading this), here's all you need for highly effective policy/practise:
– use a screen lock on your phone (password, pin, pattern, print, whatever)
– use a password on your computer
– don't leave your phone/computer lying around anywhere you don't trust
– don't let anyone use your phone/computer that you don't trust
– keep your operating system up to date (Windows, OSX, iOS, Android, etc)
– use antivirus (Windows, Android, yes Mac too)
– keep your antivirus up to date
– keep your Web browser up to date (most do it automatically)
– don't connect to wifi that you don't know or trust
– and for f*** sakes, quit opening email attachments that aren't expected (seriously, we've only been telling you that for 15 years!!!)
It's now 2016, and everyone carries a pocket supercomputer. These things should be second nature to you. To the nerds in the crowd, am I missing anything major?