Four Telecommuting Security Mistakes
- 26 March, 2009 09:16
According to figures released recently by the Nemertes Research Group, an Illinois-based research advisory firm, as many as 71 percent of U.S. companies offer full-time or part-time telecommuting to employees. Despite the large number of employees who work out of office, another recent study from The Center for Democracy and Technology found many continue to sideline the issue of telecommuting security in favor of more urgent needs. (For more on telecommuting risks see: Telecommuting Poses Privacy, Security Risks)
Whether it is employees who travel frequently for their job or staff that work out of a home office full or part-time, their mobility poses serious security risks to your organization. CSO spoke with two security strategists about common mistakes employees often make while telecommuting, and asked for advice on how to put a damper on them.
Careless use of Wi-Fi and accessing unsecured networks
In research released late last year, Cisco polled more than 1,000 end users in 10 countries and found 12 percent of people who work out of the office regularly connect to a neighbor's wireless network when working at home. Another study from Accenture found one in seven Americans admit to "borrowing" Wi-Fi from an unsecured connection
"Today, this is very easy to do," said Ralph DeFrangesco, a computer science professor at Drexel University and consultant who helps companies assess and develop security programs. "You are sitting in a Starbucks or a Borders with your laptop and you need access to the Internet. You open your laptop and connect to the first unsecured network you find."
Firewalls will provide some protection against some malicious wireless intruders, but risks certainly still exist, said DeFrangesco, who recommends companies tell employees to limit their time on an unsecured network and use encryption, like PGP, whenever possible.
"What people don't realize is that hackers sit on these networks, or set up their own, and put password sniffers on them to capture passwords," he said. "I have had many friends that have noticed funny things with their personal e-mail and work accounts after connecting to an unsecured network."
Another thing to consider: In addition to the obvious risks this poses to an organization's sensitive data, it is also potentially illegal.
"The law is very vague here, but you could be committing fraud depending on the network," said DeFrangesco.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Nemertes Research Group Inc. - CSO Online - Security and Risk
- Center for Democracy and Technology - CSO Online - Security and Risk
- Telecommuting Poses Security, Privacy Risks - CSO Online - Security and Risk
- Cisco Systems Inc. - CSO Online - Security and Risk
- Accenture Ltd. - CSO Online - Security and Risk
- Drexel University - CSO Online - Security and Risk
The enlightened CIO’s guide to running projects
Why IT projects really fail
Queensland government to provide 200 services online by 2015
Call Centers Suffer From Big Data Overload
CIO 100: Carsales wins top gong for innovation
Virtual Server Backup Software Buyer’s Guide
Virtualization affords organizations multiple opportunities to reduce power, optimize hardware utilization, improve application availability and ultimately drive down costs. In light of its benefits, it is no surprise that virtualization penetration has surpassed 50% of all server workloads and continues to grow. In this guide, we evaluate prominent virtual server backup software solutions and identify their strengths and weaknesses.
Managing Web Security in an Increasingly Challenging Threat Landscape
Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Those who would do harm to our computer systems for profit or malice always manage to focus their efforts on our most vulnerable weak spots. Today, that is the web, for a wide number of reasons. Download to find out why and what you can do to protect yourself.
Deliver Enterprise Mobility with Security and Performance
Mobility and the consumerisation of IT pose key challenges for IT around scalability, security and application visibility. In this whitepaper, we look at complete, integrated and scalable solutions that deliver apps and data to any device with full security and a high-performance user experience. Learn more!