Dynamic Business Logo
Home Button
Bookmark Button

Flexible work & security risks

Unless businesses begin securing corporate data outside the corporate IT infrastructure, the valuable evolution towards flexible working may be short lived, writes Tim R. Dickinson.

Working form home may be the stuff of fantasy but flexible working is now a corporate reality improving staff retention and supporting corporate environmental policies. The near ubiquity of broadband combined with a transformation in the reliability and speed of wireless communications has transformed the viability of home and remote working.

However, flexible working is also proving to be a major business risk as organisations struggle to impose adequate data storage, back up and security policies for remote workers. With increasing volumes of valuable data stored on laptops and home PCs in danger of being lost to the business, and employees being left unproductive with lost or damaged equipment, the flexible working nirvana is losing its shine. It’s the home worker’s laptop, which is rarely backed up and secured, that is truly naked.

Flexible Work Contracts

Organisations are increasingly creating flexible contracts for workers, allowing home working one or two days each week; while customer facing employees are now able to be in constant communication with head office irrespective of global location. In an environment of over crowded trains and roads, the flexibility offered by reliable remote working is delivering improved staff morale, driving down employee turnover and transforming opportunities for organisations to entice part-time staff back into the workplace.

This burgeoning generation of mobile workers has spawned a new era of working practices. No longer chained to the desk, home workers are released to adopt any style of attire, location and time for work—giving rise to the notion of the naked home worker.

Yet while offering many clear benefits, ad hoc policies for home or remote working also create significant corporate risks; risks that extend far beyond generally unfounded fears for employee productivity. Critically, after years of investment in data back up and security within the corporate IT infrastructure, organisations are apparently allowing vital company data to leave the organisation unsecured, unprotected and un-backed up in what is becoming an anarchic remote working environment.

Unsecure Information

Indeed, more often than not organisations are delivering laptops and VPN access with no more than generic LAN-based policies for regular back ups, security downloads and data synchronisation. They have no visibility of whether or not these activities are carried out and no way of imposing control.

The result is intermittent local backups at best, a tendency to override data synchronisation with the corporate network to save time and sporadic virus/security checks. Users also often forget to turn off other systems before using the VPN, leading to back-door access to corporate LAN, adding significant security risks to the organisation.

In far too many cases, vital corporate information is being left unsecured, unstored and unprotected on remote machines. It is often only shared with other workers via email, undermining corporate document management policies and challenging expensive compliance strategies.

More critically, however, any damage or theft of these remote devices will result in complete data loss—at potentially huge operational cost. Also, the remote worker will be left without workable equipment for some time. Waiting for a member of the IT support team to come and repair, replace or reinstall the machine can take several unproductive days, while the vital documents and information—from new business propositions to customer correspondence—have been lost for good.

Protecting Your Data

So how can organisations or their IT service providers protect the growing volume of data now located outside the safe confines of the corporate IT infrastructure? Larger organisations with deep pockets are imposing complete control by combining VPN access with automatic security updates, back up and synchronisation whenever the remote machine logs onto the corporate network. And access to corporate applications when outside the network is often severely restricted to further safeguard the infrastructure.

However, even such tightly defined policies can cause problems. By only allowing heavily restricted access to corporate applications and significantly reducing the facilities available on portable devices, organisations are running into problems with senior knowledge workers who are simply not able to work effectively. The result is a gradual policy creep, with IT changing access rules and machine functionality on a case by case basis, undermining the corporate policy and adding risk in the process.

In addition, synchronisation and updated backups/security upgrades are only conducted when the user is connected to the corporate network because the majority of tools automating these processes are LAN based. The result is that remote workers are left unprotected when working on their standard Internet connections.

The only way organisations can truly impose control over the remote workforce and protect data outside the corporate network is to adopt web-based technology that provides monitoring and support irrespective of location across every wired and wireless Internet connection.

Security Solutions

It is by extending internet-based monitoring and support of devices from within the IT infrastructure to every remote device that organisations can regain control over the growing band of flexible workers. Combining real time security downloads with automated back-ups transforms the safety and reliability of the remote working model. Indeed, even if an organisation opts not to enforce automation, real time monitoring ensures visibility of whether or not employees are following back up and security procedures remotely.

Using such a model data can either be streamed to an off-site repository, or backed up onto a local device controlled remotely from within the corporate business, while security scans and updates can be scheduled and enforced should a machine be off line at the scheduled time. Furthermore, snapshots of the entire machine taken at regular intervals ensure that should failure occur, the device can be remotely rebuilt and reinstalled within minutes, transforming productivity.

Should a user require additional functionality to support specific job requirements, this can be achieved within seconds and with full visibility of the security policy, minimising any potential reduction in productivity.

In addition, real time monitoring provides immediate insight into inappropriate remote behaviour, such as the installation of new software or hardware devices. Critically, the organisation can monitor these remote machines using the same tools and console already being used to manage the existing internal infrastructure, minimising the cost of enabling a remote workforce.

Flexible Data Risk

With ever growing demand for flexible working policies that embrace home working, hot-desking and the use of satellite offices, the pyjama wearing employee is a growing breed. But if they are to continue to deliver corporate value, organisations have got to recognise the dangers posed by unsecured data and unprotected machines.

Today, too many in-house and outsourced IT teams are veering from imposing excessive control that constrains productivity to no control, leading to remote data anarchy. Unless this risk is addressed, organisations will begin to rapidly rethink the value of remote working, undermining both human resources and environmental policies. It is only by leveraging web-based tools that organisations can achieve the remote monitoring and automated back up and security required to cost effectively bring the remote workforce back into the controlled environment of the corporate infrastructure.

Visit: http://www.kaseya.com for more information.

-Tim R. Dickinson is regional manager, Australia and New Zealand for Kaseya, Automating IT provider. Kaseya’s IT automation framework allows IT professionals to proactively monitor, manage and maintain distributed IT infrastructure remotely, easily and efficiently with one integrated Web based platform.

Contact Tim on: tim.dickinson@kaseya.com

 

What do you think?

    Be the first to comment

Add a new comment