Security on the Go

Jon Fielding, Managing Director, EMEA, Apricorn.

Organisations continue to eschew the traditional 9 to 5 office hours as employees adopt a more flexible working approach. Between 2012 and 2016, flexi-time rose by 12.35 percent and data from the Office of National Statistics (ONS) revealed that the number of UK workers who moved into remote working increased by nearly a quarter of a million over a decade.

As attitudes change towards flexible and mobile working, and communication capabilities continue to improve with 5G on the horizon, the number of mobile workers is expected to rise further over the next three years, with half the UK workforce expected to be working remotely by 2020.

Research we conducted earlier this year highlighted that all (100%) of the IT decision makers we surveyed had employees who work remotely at least some of the time, with an average of over a third (37%) of staff members who do so. With an increase in the numbers working remotely, this means more data moving beyond the confines of the corporate network, and organisations need to ensure that any data, be it at rest or on the move, remains secure.

Mobile working has had huge business implications, and organisations must be certain that their security is strong enough, and also flexible enough to support new legislation such as General Data Protection Regulation (GDPR). The security implications of remote working are an ongoing challenge, and the burgeoning enterprise landscape already stretches across mobile phones and tablets. With more employees working from home, or away from the office, organisations are tasked with the monumental challenge of providing secure access to corporate networks.

While many are taking steps protect their data, such as implementing security policies for mobile working and bring-your-own-device (BYOD), just under half of respondents to our survey (44%) still agree that their organisation expects their mobile workers to expose them to the risk of a breach.

Educating employees in the value of the data they work with will help to build a culture of accountability, within which keeping data safe becomes second nature to employees at every level. Employees are an organisation’s biggest asset, but they can also be their biggest liability. When it comes to the mobile workforce and data security, employees should be trained on the secure use of their mobile and removable media devices and the necessity to follow the corporate security policy at all times.

Roughly a third of IT decision makers (32%) say that their organisation has already experienced a data loss or breach as a direct result of mobile working, and to add to this, 30 percent of respondents from organisations where the GDPR applies are concerned that mobile working is an area that will most likely cause them to be non-compliant.

When questioned over their data security policies, 50 percent of IT decision makers admitted that they were unable to guarantee that their data was adequately secured when being used by remote workers. In fact, only roughly half of those companies surveyed were certain that their data was securely encrypted on the move, in the cloud and where the employee is working. This is disconcerting considering the numbers now working outside of the office confines.

The risk of corporate data falling into the wrong hands is high. Employees losing memory sticks or leaving laptops on trains are all high probabilities and, inevitably, these devices will contain data not meant for prying eyes. If data isn’t encrypted, its integrity can easily and quickly be compromised. Businesses need to be able to manage and track the data when it leaves the organisation.

Secure portable data storage solutions, such as our hardware-encrypted USB flash drives and external hard drives, are crucial to the mobile workforce and the invaluable data they carry. IT departments need to be sure that their security policies will not have a negative impact on productivity and hinder employees in their remote working. They need to know who has access to the data, from what location, and what devices that information resides on.

Any data breach has the potential for huge reputational damage and financial losses as a result of fines levied by the Information Commissioners Office (ICO). Organisations must monitor how data is processed, stored, retrieved and deleted in order to remedy any shortcomings and ultimately avoid a costly data breach. The remote workforce is only going to grow, and organisations need to establish and maintain even basic level security to avoid the associated risks.