FEATURE: BYOD
Another element is the actual user behaviour,
arising because users may have more versatile
use of their devices when they are outside the
organisation as compared to internally. An
example here could be the ‘road warrior’ who
is on a business trip and needs to take care
of personal tasks on his corporate device –
potentially introducing risk.
//////////////////////////////////////////////////////////////////////////
The third and perhaps most important
challenge is consumerisation of the devices
that remote workers are utilising. We
sometimes call it Bring Your Own Device
(BYOD) but the fact is that it is extremely
challenging to enforce security settings on a
device which you do not own and control. the workforce. This should include making
employees understand the implications
of their actions, company security policies
and best security practices such as the use
of strong passwords. Furthermore, training
should be an ongoing activity rather than a
one-time exercise.
All this said, the ability to work from
anywhere and at any time positively
impacts both employee productivity as
well as job satisfaction. In today’s business
environment therefore, it is imperative for IT
to support and secure the remote workforce. Use of VPNs
So, what can organisations do to secure their
remote workforce?
Employee awareness and training
Nicolai Solling, CTO, Help AG
52
INTELLIGENTCIO
Last year, social engineering was the initial
attack vector used in 65% of the threat
advisories that our Managed Security
Services (MSS) team published. Recognising
that humans still present the weakest link in
the cybersecurity chain, the first task should
be to raise cybersecurity awareness within
As employees will often use their personal
devices when connecting to company
networks, it is best to provide them with a
secure means of access. VPNs are designed
specifically for this as they encrypt data and
hide the IP address of the user. So even if
the employee is accessing sensitive company
data via an insecure connection, potential
attackers wouldn’t be able to extract any
useful information.
Identity access management
In the world of cloud and the distributed
workforce, there is no more important
security task than being able to identify users
in a strong way. I cannot emphasise how
www.intelligentcio.com