Remote Workers a Security Risk?
Remote Workers a Security Risk?
February 6, 2008: A Cisco-commissioned global study has found that the security awareness of remote workers leaves a lot to be desired and could be putting your organisation at risk.
The research was carried out by the US-based InisghtExpress and surveyed over 2,000 remote workers and IT professionals around the world. The key findings were that 56% of remote workers believe the internet is safer than it was a year ago, despite the rise in the frequency and types of attacks.
"While working at home, people tend to let their guard down more than they do at the office, so adhering to security policies doesn't always intuitively seem applicable or as necessary in the private confines of one's home," said John. N. Stewart, CEO at Cisco.
"The blurring of the lines between work and home, and between business lives and personal lives, presents a growing challenge for businesses seeking to capitalize on the productivity benefits of the remote workforce."
Another finding from the study was the different localised statistics for vulnerable behaviour, such as 62% of remote workers in China opening emails and attachments from unknown or suspicious sources, while in Australia it's 34% and 27% for the US. There are other glaring risks being taken by remote workers, such as allowing non-employees to borrow work computers for personal use and accessing work files with personal, non-IT-protected devices.
This isn’t to say that remote workers should be shelved, Stewart believes that access and distributed workforces are here to stay, pointing out that “They provide competitive advantages and greater operational efficiency. Businesses have the opportunity to benefit from productivity increases while preventing security risks from undermining them.”
This comes on the back of a 2007 Gartner report which predicts the population of worldwide corporate remote workers will reach 26.6 million by the end of 2011, which would require a growth rate of 4.3% per year, a clear indication that organisations believe they can benefit from it.
Stewart believes that the study stresses the point that managing corporate security is part technology, part process, part awareness, education and communication. "It's often more of a human challenge than a technical one. And because of that, IT has the duty to emerge from the traditional back office to become more proactively engaged and consultative with its user base. Simply put, now is the time for IT to become more strategic than ever." He said.