Four Telecommuting Security Mistakes
- 26 March, 2009 09:16
According to figures released recently by the Nemertes Research Group, an Illinois-based research advisory firm, as many as 71 percent of U.S. companies offer full-time or part-time telecommuting to employees. Despite the large number of employees who work out of office, another recent study from The Center for Democracy and Technology found many continue to sideline the issue of telecommuting security in favor of more urgent needs. (For more on telecommuting risks see: Telecommuting Poses Privacy, Security Risks)
Whether it is employees who travel frequently for their job or staff that work out of a home office full or part-time, their mobility poses serious security risks to your organization. CSO spoke with two security strategists about common mistakes employees often make while telecommuting, and asked for advice on how to put a damper on them.
Careless use of Wi-Fi and accessing unsecured networks
In research released late last year, Cisco polled more than 1,000 end users in 10 countries and found 12 percent of people who work out of the office regularly connect to a neighbor's wireless network when working at home. Another study from Accenture found one in seven Americans admit to "borrowing" Wi-Fi from an unsecured connection
"Today, this is very easy to do," said Ralph DeFrangesco, a computer science professor at Drexel University and consultant who helps companies assess and develop security programs. "You are sitting in a Starbucks or a Borders with your laptop and you need access to the Internet. You open your laptop and connect to the first unsecured network you find."
Firewalls will provide some protection against some malicious wireless intruders, but risks certainly still exist, said DeFrangesco, who recommends companies tell employees to limit their time on an unsecured network and use encryption, like PGP, whenever possible.
"What people don't realize is that hackers sit on these networks, or set up their own, and put password sniffers on them to capture passwords," he said. "I have had many friends that have noticed funny things with their personal e-mail and work accounts after connecting to an unsecured network."
Another thing to consider: In addition to the obvious risks this poses to an organization's sensitive data, it is also potentially illegal.
"The law is very vague here, but you could be committing fraud depending on the network," said DeFrangesco.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Nemertes Research Group Inc. - CSO Online - Security and Risk
- Center for Democracy and Technology - CSO Online - Security and Risk
- Telecommuting Poses Security, Privacy Risks - CSO Online - Security and Risk
- Cisco Systems Inc. - CSO Online - Security and Risk
- Accenture Ltd. - CSO Online - Security and Risk
- Drexel University - CSO Online - Security and Risk
Five trends affecting legal CIOs
CIO Roundtable: The changing face of security
Bitcoin malware count soars as cryptocurrency value climbs
Bouncing Back From CIO Unemployment
Union slams latest fibre-to-premise trial in Tasmania
The Total Cost of Ownership Benchmarking
This white paper provides business insight after an extensive analysis of Total Cost of Ownership (TCO) associated with IP and legacy TDM (Time Division Multiplexing) telephony systems in 236 different corporate environments worldwide.
Whitepaper: Preventing Data Loss Takes More Than MDM
You need to secure your BYOD devices—but MDM alone isn't enough to prevent data loss. Read this whitepaper—Data Loss Prevention: When MDM Is Not Enough—to learn how to combat MDM shortcomings. See how to add cross-platform security, implement protection policies, and address risks in consumer apps.
Traversing Energy Markets
For a number of industries, there is room for delays caused by poor performance of IT infrastructure, and the importance of a solid monitoring system has never been greater. Read about how the Midcontinent Independent System Operator was able to tackle this challenge and effectively administer one of the world’s largest energy markets.