Telecommuting and the virtual office put sensitive corporate data, including the personal information of customers, at risk of compromise, according to a report released by the Center for Democracy & Technology and Ernst & Young.
The report, "The State of Telecommuting: Privacy and Security," based on a survey of 73 organizations recommends that companies with a telecommuting workforce need to pay more attention to the unique privacy and security risks posed by remote access. The report offers practical advice to companies on securing data accessed by employees working from home or other remote locations.
According to a recent report more than 46 million people are expected to work at home at least one day a week by the end of 2011. That increase of telecommuting workers heightens the need for robust security and privacy policies. Respondents acknowledged the inherent risks of telecommuting, but admitted these risks aren't made a high priority.
Serious gaps remain between the establishment of security requirements and consistent monitoring and enforcement. Consider these findings:
--Computers used by telecommuting employees often do not contain security features that specifically address the unique threats that come from remote computing, such as inappropriate access by non-employees, use of technology for unauthorized purposes, etc.
--Portable devices, such as laptops and personal digital assistants (PDAs), commonly involved in data breaches, are widely used by telecommuters. However, few organizations have adopted thin client terminals-lightweight devices with Internet connectivity-which have little data storage capability.
--Telecommuting employees using their own personal computers or PDAs for work purposes thwart the advantages of employer supplied encryption tools.
--Allowing telecommuters to use wireless Internet connections is a common practice, but the use of wireless security measures is not widely required. The implications of this finding are compounded by the fact that telecommuters are increasingly accessing their neighbors' unsecured wireless connections when working from home.
--Policies on downloading software and using peer-to-peer file-sharing applications are common but the enforcement approach varies. While half of the organizations use technical controls to block peer-to-peer file sharing applications, and a third of organizations block telecommuters from using instant messaging applications, others lack technical controls, relying instead on software use policies.
More information on the service and support industry can be found at www.SupportIndustry.com