Study finds Flexible Work Models Linked to Privacy Risks

A trend toward greater flexibility in working arrangements is here to stay, but alongside its obvious benefits, new research shows an increase in the risk for breaches of confidential customer data.

A survey of over 1,100 respondents from large and small businesses across Australia in April 2018 found that while 63% of organisations acknowledge the higher risk of a data hack or information breach when employees work off-site, many have not adequately addressed information security in remote working policies.

The survey, conducted on behalf of document destruction specialist Shred-it, found that despite their legal obligations, only 50 percent of all respondents have a strong understanding of the legislative requirements to adequately protect their customers’ confidential information.

Flexible working arrangements can bring a myriad of benefits to businesses and employees; the ability to work with customers on-site, achieve work-life balance, enhance employee satisfaction and cut down on office space costs. Almost a third (3.5 million) of all employed persons in Australia regularly worked from home in their main job or business in 2016, according to figures released by the Australian Bureau of Statistics (ABS).

However, preparedness to ensure security of information when employees work off-site does not match these expectations. Only 40 percent of small businesses have policies in place for storing and disposing of confidential information when working off-site, despite customers ranking the protection of their personal information as a high priority. Across all respondents, just 56 percent claim that their organisation has security protocols in place for employees using electronic devices that contain confidential information while working off-site.

Even when an organisation has comprehensive policies in place, these are only effective if employees are diligent in their application. Yet, only 55 percent of respondents regularly train their staff on information-security procedures or policies.

Alongside higher rates of remote working are Bring Your Own Device (BYOD) policies whereby employees use their own device for work, increasing productivity and employee satisfaction. However, there are risks to be avoided with the adoption of these policies, as BYOD also increases the opportunity of data theft, data leakage and malware intrusion caused by a device being connected to an organisation’s network.

“In an age of digital communication, the importance of physical materials, such as paper, is sometimes overlooked,” said Tom Bell, Country Manager, Shred-it Australia. “For instance, our research shows that 59 percent of respondents think paper use will stay the same or increase over the next year, leaving organisations vulnerable to the loss or theft of paper based private information.”

Already ‘dumpster divers’ search waste paper for documents to facilitate fraud and it is very easy for them to target employees who may have printed at home and unthinkingly thrown out. The report also showed that 10 percent of respondents reported lost or stolen equipment, and of these, around half (48 percent) indicated that sensitive company data was put at risk as a result. This rose to 60 percent of C-Suite respondents.

The full report is available HERE