It was about 12 months ago that the way we worked changed forever due to the pandemic. Companies had to act swiftly to keep running and, in some cases, rapidly accelerate their remote working plans. For some organisations, this meant having to use technology, processes and systems that would not be considered acceptable under normal circumstances. How many people will be using personal or shared devices and broadband to access their company’s systems and data?
According to the Data health check survey from business continuity supplier Databarracks, less than half of organisations used only company-owned devices. More worryingly, 14% of companies were storing data locally and planned to move it to enterprise systems later.
This causes a real headache from a compliance and security perspective. How can organisations ensure that personal devices or storage media are securely wiped of all corporate data? Companies also need a plan for dealing with data held by employees who leave or face redundancy.
Even companies who have issued corporate devices to their workforce face levels of risk. Employees working remotely using business devices could be risking the security of company systems and data by visiting insecure sites and services. A report from Netskope has found that the use of risky applications and websites from managed devices has nearly doubled. Using anonymised data from millions of global users, the company found a 161% increase in visits to high-risk apps and websites, as personal use of managed devices increased by 97%. The report also highlighted that 7% of all users had uploaded sensitive corporate data to personal instances of cloud apps — putting this data at risk of theft.
Nobody realistically expects working practices to return to how they were just over a year ago, so with the prospect of continued flexible and remote working being the norm, this potentially huge risk needs to be addressed. Failure to do so greatly increases the likelihood of falling foul of regulations such as GDPR.
However, the risk of exposure can be mitigated by having the right tools and policies in place. Fundamentals First offer a range of technologies and services that can improve your security posture, strengthen your governance and ultimately protect your mobile workforce. Get in touch if this is something you would like to discuss.