Subscribe to CIO Magazine »

Four Telecommuting Security Mistakes

A look at some common security no-nos committed frequently by mobile workers, and tips on how to stop them.

According to figures released recently by the Nemertes Research Group, an Illinois-based research advisory firm, as many as 71 percent of U.S. companies offer full-time or part-time telecommuting to employees. Despite the large number of employees who work out of office, another recent study from The Center for Democracy and Technology found many continue to sideline the issue of telecommuting security in favor of more urgent needs. (For more on telecommuting risks see: Telecommuting Poses Privacy, Security Risks)

Whether it is employees who travel frequently for their job or staff that work out of a home office full or part-time, their mobility poses serious security risks to your organization. CSO spoke with two security strategists about common mistakes employees often make while telecommuting, and asked for advice on how to put a damper on them.

Careless use of Wi-Fi and accessing unsecured networks

In research released late last year, Cisco polled more than 1,000 end users in 10 countries and found 12 percent of people who work out of the office regularly connect to a neighbor's wireless network when working at home. Another study from Accenture found one in seven Americans admit to "borrowing" Wi-Fi from an unsecured connection

"Today, this is very easy to do," said Ralph DeFrangesco, a computer science professor at Drexel University and consultant who helps companies assess and develop security programs. "You are sitting in a Starbucks or a Borders with your laptop and you need access to the Internet. You open your laptop and connect to the first unsecured network you find."

Firewalls will provide some protection against some malicious wireless intruders, but risks certainly still exist, said DeFrangesco, who recommends companies tell employees to limit their time on an unsecured network and use encryption, like PGP, whenever possible.

"What people don't realize is that hackers sit on these networks, or set up their own, and put password sniffers on them to capture passwords," he said. "I have had many friends that have noticed funny things with their personal e-mail and work accounts after connecting to an unsecured network."

Another thing to consider: In addition to the obvious risks this poses to an organization's sensitive data, it is also potentially illegal.

"The law is very vague here, but you could be committing fraud depending on the network," said DeFrangesco.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Accenture, Cisco, Cisco Systems, FEMA, PGP, Starbucks
References show all
Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: telecommuniting
Latest Blog Posts
  • Information Management
    Valuable data can be a needle in a haystack, but by leveraging the value in existing information assets, organisations can generate real and achievable gains in revenue generation, IT investments and productivity gains. This whitepaper discusses how Information Management (IM) is a multi-faceted discipline that can be employed to meet or exceed your business objectives.
    Learn more »
  • CISO 2013 Security Insights: A new standard for security leaders
    Insights from the 2013 IBM Chief Information Security Officer Assessment which uncovered a set of leading business, technology and measurement practices that help to address the questions CISO's and security leaders have in managing diverse business concerns, creating mobile security policies and in fully integrating business, risk and security metrics.
    Learn more »
  • IDC MarketScape Excerpt: Worldwide Client Virtualization Software Assessment
    The rise of BYOD is creating governance and regulatory nightmares while providing end users with unprecedented flexibility and agility. While IT is still intrigued by the possibility of a better desktop management model and the operational savings client virtualization software could deliver, it is the increased governance and the ability to deliver desktops, applications, and data to any device that are driving today's purchases.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Latest Jobs
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index

Recent comments