28/11/2014

By Nicholas Banks, VP EMEA and APAC of Imation, IronKey


Ministers recently announced that remote working laws have been relaxed in the UK to allow more employees to work from home, and newly launched research suggests as many as 31% of surveyed remote workers across the UK are now doing so in order to manage high volume workloads.

As all employees in the UK are now eligible to request flexible working hours. This new legislation will carry with it vast security implications. Remote and flexible working is an on-going challenge, and with more employees working from home, or away from the office, organisations will need to up the ante if they are to provide secure access to corporate networks.

Security and data protection measures can often be overlooked, and whilst technology is already sufficient enough to make remote working a viable option, minimising the amount of sensitive data leaving the company, and reducing the risk of a significant breach, is imperative.

According to the aforementioned research surveying remote workers, nearly two in five survey respondents, or someone they know personally, have lost or had a device stolen in a public place. Whilst three quarters of these devices - such as laptops, mobile phones, and USB sticks - contained work-related data including confidential emails (37%), confidential files (34%) and customer data (21%). Around one in ten lost financial data or access details such as login and password information, potentially exposing even more confidential information to the risk of a data breach.

As the Information Commissioners Office (ICO) has the right to issue fines of up to £500,000 for serious breaches of the Data Protection Act, ensuring you have a robust security policy in place is critical.

Attitudes towards security of data on the move need to change, as employers and employees are closing their eyes to the security risks of remote working. Nearly half (44%) of respondents stated that data is never encrypted when taken out of the office, three out of ten respondents admitted they do not protect their data with passwords, and nearly one in ten workers who take digital files outside of the office did not secure them at all.

Whilst almost half of UK (49%) respondents believe that keeping work information secure is the equal responsibility of both the employee and employer, the uncertainty surrounding accountability and responsibility confirms the need for businesses to ensure that their employees have the necessary tools to work flexibly and securely.

With 26% of respondents in organisations that have a security policy admitting that they have broken their company’s security rules or policy in order to work remotely, employers need to educate their employees on the importance of data security, and update systems and policies, so that they cannot be violated and disregarded.

Companies need to provision staff with the technologies and secure processes to work flexibly and securely, making certain they have the necessary policies in place, data is encrypted and password protected, and be confident that if a device is considered to be compromised they can remotely lock it down, or initiate a self-destruct sequence to remove and protect the data.