WFH Need Not Become a Security Threat

Photo credit: iStockphoto/Favor_of_God

Over the years, the pressures on many organizations to encourage and enable remote working had been building up. Then COVID-19 happened and forced a seismic shift towards mandatory remote working for millions of employees across the globe in a shockingly short span of time.

Entire functions of many global organizations are now working remotely — and we’re now seeing a glimpse of what the future of work could look like. Perhaps, the majority of business leaders have been shaken into a new perspective and this will change how we all work, forever.

COVID-19 upended the world in an instant and it is critical to begin implementing the robust building blocks now to future-proof your business for remote working.

A recent white paper titled “Return to Business as Unusual: Workplace of the Future" by Verizon and the Boston Consulting Group, outlined the factors that business leaders need to consider as they gear up to return to a very different workplace.

A strong and secure mobile connectivity to access those applications, as well as the corporate WAN (for those that are not cloud-enabled) was identified as one of the six factors that are required for remote working to be successful.

However, a large number of organizations are still compromising their mobile security to get things done, which leaves entities at risk. According to the Verizon Mobile Security Index 2020, forty three percent of respondents reported their organization had sacrificed mobile security in the past year – quite a significant chunk.

In fact, the study found that 39% of respondents reported having a mobile-security-related compromise. Sixty-six percent of organizations that suffered a compromise called the impact “major,” and 55% said the compromise they experienced had lasting repercussions.

While there’s no silver bullet for mobile security; an acceptable use policy (AUP) is an important place to start. AUP helps to set organizational guidelines and improve employee knowledge of cyber threats. AUP governs what employees can and cannot do with their mobile devices. AUPs can help drive efficient use of resources, limit exposure to online threats and protect organizations against security breaches. Yet, many companies don’t have formal policies in place. In fact, only 56% of mobile security professionals surveyed reported having an AUP in place.

The MSI 2020 acceptable use policy guide outlines some tips for making your AUP stronger. Here are 10 steps to take to start building your AUP:

  1. Set the criteria for appropriate and inappropriate websites
  2. Understand what behaviors you want to encourage or discourage
  3. Secure all your mobile devices, whether employee owned or corporate owned
  4. Promote LTE and limit Wi-Fi use to secure networks
  5. Curate company approved apps and limit the rest
  6. Address risks across the mobility ecosystem
  7. Articulate and enforce your patch policy
  8. Set expectations on acceptable data volumes
  9. Guide employees on compliance
  10. Provide regular phishing training

A well-thought-out AUP can go a long way in helping keep your organization secure. Combine it with unified endpoint management, mobile threat defense and other mobile security solutions and you can strengthen security and streamline administration.  

Ashish Thapar, Managing Principal for Verizon Threat Research Advisory Center - Asia Pacific wrote this article. The views and opinions expressed in this article are those of the author and do not necessarily reflect those of HR&DigitalTrends. Photo credit: iStockphoto/Favor_of_God