In the age of globalization and ultra-connectivity, companies are increasingly multinational: they have regional or local offices in more than one country and do business in many more. This invariably involves a lot of meetings and presentations for important clients and the visiting of niche fairs and conferences abroad. As a consequence, the work force has become more and more mobile and, due to the rise of portable devices, they can bring the office with them wherever they go.
While this level of flexibility has a positive impact on companies’ bottom lines, it can spell disaster for data security. The reason is fairly simple: security measures for data protection are often restricted to company networks and once data heads outside them, it can become vulnerable to theft and loss.
What can organizations do then to ensure that their data remains secure even when it heads outside the security of offices? Let’s find out!
1. Use encryption
It’s important for all devices leaving the company to be encrypted. This includes laptop hard drives, mobile phones, but also portable devices such as USBs. Flash drives are an especially big offender when it comes to data loss as, being small, they are very easy to lose, forget or steal. Who can forget that the security plans of London Heathrow Airport were found on a USB in a local library just last autumn? Imagine what could have happened if the wrong person had gotten hold of it.
Luckily there are solutions such as EasyLock which can be deployed on all company computers, effectively ensuring that any sensitive files transferred onto USBs are automatically encrypted. In that case, if anything were to happen to the USB, the files would be inaccessible to those without a password.
2. Use VPNs to connect to the internet
Public WiFi hotspots can be notoriously insecure, with cybercriminals often targeting them as an easy way to steal sensitive information passing between devices and websites. Even apparently secure WiFis such as those of hotels, restaurants or conference centers can suffer from breaches as there is no way of knowing what level of security is being applied to them.
Employees should therefore be encouraged to always use VPNs outside of the office so that any information they send and receive while on WiFi hotspots can be encrypted and thus, secure from the prying eyes of malicious third parties. Another possible solution to this problem is to provide employees with portable internet hotspots of their own which would eliminate the need to connect to outside networks.
3. Block access to ports
One way data can be stolen is when it is copied onto portable devices. While normally outsiders might have a hard time physically accessing company computers, once employees are on the move and they take their laptops with them, their opportunities greatly increase. A laptop can be left open in a hotel lobby, at a café table or during a conference presentation, making prime targets for data thieves.
This can be easily solved by using Data Loss Prevention tools with Device Control which can both block the connection of any portable device that does not meet company security standards or are not issued by it as well as enforce stricter policies and completely block the use of exit points and laptop ports.
4. Train your employees
Companies often rely on employees’ good sense to keep data secure and oftentimes neglect to provide adequate guidelines for data protection outside the office. It is essential however that they learn the potential threats they face when stepping beyond the boundaries of secure company networks.
Besides using new technologies to ensure protection, it is important for employees to learn to be vigilant and aware of the risks they pose to data security if they neglect to lock their devices when in public places, leave them unattended for even a short time or allow others direct access to their work devices.
5. Enable remote wiping
In case of physical theft or a device lost in a taxi halfway around the world, there is one more useful tool companies can use: remote wiping. Much like encryption, most mobile phones nowadays have a native remote wipe option that can be enabled and used online in case of theft or loss.
When it comes to laptops, Macs can be remote wiped if iCloud is configured on them and they are running on OS X Lion 10.7.2 or later. Microsoft offers it as an add-on service for Windows 10 through Intune which allows admin users to execute a full or selective remote wipe. There are also third-party tools that serve the same purpose.
Mobility is one of the key features of the work force of tomorrow. With work schedules and the definition of office space becoming more and more flexible, the employees of the future will frequently work remotely and travel extensively as companies go global.
We are only beginning to see the challenges this new way of working will bring to data security which is why it’s important for organizations to start educating their employees now and to apply new policies to ensure data will stay secure no matter where they may find themselves in the world.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.
