According to International Data Corporation (IDC), just three years from now mobile workers will make up almost 75% of the U.S. workforce. To anyone who has been paying attention, this should come as no surprise. It is increasingly rare to see anyone without a smartphone in this day and age - and just as rare to meet someone who has not used that device for working remotely on at least one occasion. You have doubtless heard all the rhetoric by now. Mobile devices are to remote productivity what the automobile was to transportation. Thanks to smartphones and tablets, the time an employee spends on the train or in line at lunch is no longer wasted. Now, it can be spent dialing in to meetings, connecting with colleagues over corporate instant messaging, or replying to emails. With the right applications, it can even be spent editing documents. It sounds incredible, right? There’s just one catch: security. While the fact that employees can connect from anywhere is a great strength of mobility, it is also its greatest weakness from a security standpoint. When an employee works at the office, the data they access is protected by your security architecture. For a bad actor to get their hands on that information, they will need to crack through several layers of security - firewalls, monitoring software, encryption, and so on. Not so for employees working remotely. A stolen or misplaced phone. An unsecured wireless network. A mobile application that leaks data to an external server (there are more of those than you might expect). These represent an extremely wide threat surface that you must protect. And that threat surface is only going to get wider, as wearable technology and Internet of Things devices make their way into the workplace. Shutting down mobile access entirely is not an option here, either. Employees can and will find a way around such a restriction. You need to enable your mobile employees, while also securing your data. This will require the following:
- Remote Policy Management: What devices are going to be accessing corporate data, and who will be using those devices? It’s imperative that you set up device profiles for the major user groups within your organization, with permissions appropriate to each group. A member of your IT staff, for example, will need likely need access to your entire infrastructure, while someone who works in HR will only require personnel records.
- VPN Access: As has already been established, you cannot trust public Wi-Fi when it comes to your business’s data. Equipping your employees with a VPN that will let them securely access corporate resources independent of location is critical. Liquid Web provides a powerful VPN service that’ll help you easily do just that.
- Remote Workspaces: By using a self-service captive portal (a web page users must interact with before they can connect) in conjunction with a digital workspace, you can simultaneously enable your staff to work remotely and protect your data from compromise while they do.
- Strong Password Policies: The number of users who use passwords such as “password” or “123456” is rather disheartening - and every single one of those users is a security risk. Implement policies for user passwords such as a combination of numbers, letters, and symbols, a minimum character count, and regular password updates.
- Endpoint management software. You need to put the power back in the hands of your IT department, and allow them to securely manage the devices used by your remote employees, as well as the applications and data accessed from those devices. Read this guide on selecting the right endpoint management tool for your business for more details.
- A remote work policy. This company-wide policy should determine what percentage of your staff can work remotely. Additionally, it should also establish performance expectations, best practices for security, and a plan of action for when something goes wrong.
- BONUS: Guest Wi-Fi. Not only should you secure your remote workers, but you also need to protect your internal network from remote devices. Creating a guest Wi-Fi provides employees and guests with a way to connect to the Internet through their mobile devices and personal laptops - without connecting directly to your local network.