Go Remote, but Keep Your Company's Data Safe
Author: Joakim Thorén, CEO
Companies around the globe are conducting remote worker tests. It’s one week where employees are encouraged to work from home. As summer continues, more and more companies are using the #goremote hashtag to signify their organizations are challenging employees to work from home and enjoy a flexible work schedule. Many companies embrace remote work because it helps reduce carbon footprint and dramatically improves work-life balance, as employees are not fighting bumper-to-bumper traffic during traditionally heavy commute times.
But as companies #goremote, they must diligently secure their remote employees' digital identities and access to their company servers, as remote workers pose a significant threat for data breaches.
Last year, Shred-it's State of the Industry Report surveyed business executives which showed 86% believe data breaches are more likely to occur when employees are working out of office. And while enterprise CXOs have security plans in place for these occurrences, only 35% of small business owners (SBOs) currently have a policy for storing or deleting confidential data remotely, and 54% of SBOs have no policy whatsoever.
Out-of-office breaches are more likely as employees use unsecured devices or fail to have proper multi-factor authentication to log into sensitive files or use remote, public Wi-Fi to access corporate servers.
It's important that companies, no matter their size, have corporate policies in place for remote workers to protect corporate data from getting into nefarious hands. And companies should look to the federal government for cues to shore up their remote security. For more than a decade, the U.S. government has mandated that all government agencies deploy multi-authentication methods for its workers.
Now, the U.S. government is demanding its contractors (often remote workers) also deploy multi-factor authentication if these contractors want to continue winning government contracts. Last year, the U.S. government cracked down on its Defense Federal Acquisition Regulation Supplement, better known as DFARS. One of the key provisions of DFARS is to accurately identify anyone accessing CUI data (access controls). So remote workers, like government contractors and suppliers, must demonstrate they have a security plan in place around access management.
Small and mid-size businesses (SMBs) can easily mimic the DFARS regulation, by controlling system access with technologies like virtual smart cards (VSCs). VSCs allow organizations to quickly and cost effectively implement strong authentication to their growing remote workforce. It's critical that the companies secure their access points; VSCs can be installed in any computer, even an employee's own device. It's fantastic that more companies embrace remote work options, but it's also vitally important they plan for security as a crucial element in the process.
To better understand how companies can protect their remote workers with VSCs, visit Versasec's virtual smart card page.