Companies Need to Address Telework Security

A new study has found that telecommuting presents some very complex cybersecurity challenges, and many organizations are busy ignoring those challenges. Do we need to focus more on cybersecurity and telework?

In an article on the Yahoo News website, Grant Gross says the study was released by the Center for Democracy and Technology (CDT), an advocacy group focused on privacy and security, and Ernst & Young.

“Officials with CDT and Ernst & Young declined to call telecommuting more risky than working in an office, but said telecommuting presented different risks,” Gross says. “In many cases, telecommuters use their own computers, subjecting company information to data breaches, and many companies don't have comprehensive telecommuting policies or restrict telecommuters from accessing data they don't need for their jobs, the study said.”

The survey found that less than 50 percent provided teleworkers with e-mail encryption software. Only about 50 percent of the organizations offered hard-token authentication for work devices and there was hardly any use of biometric authentication. Only about 20 percent of respondents said their organizations periodically inspect off-site work locations, and less than 50 percent use security cables to lock down computers at home offices.

“There are a lot of factors that go into making up the potential risk,” Ari Schwartz, vice president at CDT, told Gross. “In some instances — if you’re talking about very sensitive information, if you’re taking about someone who’s always working from home with very little monitoring — there’s going to be a greater risk than someone who brings home information every once in a while and is monitored a lot.”

But that doesn’t mean you have to abandon telecommuting as an option. Instead, Schwartz told Gross that companies considering telework should weigh the risks and take more steps to minimize the possibility of lost data.