Over the past decade, mobility has arguably been technology’s greatest gift to the workplace. Cost-effective laptops, Blackberrys and high speed wireless broadband access means today’s workers don’t have to be chained to the office to be productive.
Yet the ability to work whenever and wherever we please presents enormous potential challenges to IT, security and network professionals. While hackers probe the networks of large organisations for weaknesses every day, workers’ own actions could unwittingly give cybercriminals access to sensitive corporate information.
The key to protecting your network lies not in taking workers’ freedoms away from them however, but in education. A workforce that has been fully informed of the security threats that modern working poses – and has the tools to protect itself – will be less likely to risk corporate networks.
With this is mind, Ian Bunning, ntl: Telewest Business’s security spokesperson, gives his top five tips on how IT managers can help end users to protect corporate data:
1. Worry free wireless
Wireless broadband is essential for mobile and field workers to access business information on the move. Signing into unfamiliar or public wireless networks can be risky, resulting in users’ computers becoming infected with Trojans or keystroke loggers that migrate on to corporate networks the next time a worker plugs in at the office.
If broadband access on the move is essential for your workers, consider providing them with 3G ‘dongles’, which are now relatively inexpensive and more secure than signing into wireless hotspots.
2. Hack proof passwords
Passwords are the first line of network defence, but lack of knowledge as to how to create an effective one often leaves workers relying on the easily hackable names of pets, children or birth dates. Instead of dictating a potentially unenforceable password policy, try empowering workers. A short training session or webinar on creating the perfect password takes minutes, and could significantly reduce network breaches.
A more sophisticated option lies in applying two-factor authentication technology (such as the CRYPTOCard solution offered by ntl:Telewest Business) to your network. This approach offers increased protection by changing the password each time a user logs in.
3. Twitter ye not?
The use of social networking sites such as Facebook and Twitter at work may be a hotly debated topic, but appropriately used they can represent a relatively low risk to corporate networks. The key to success here is for IT professionals to take a lead in setting parameters. Work with HR to develop an ‘appropriate use’ policy and communicate it to workers. Employees who understand their responsibilities will usually abide by their terms.
4. Messenger in a bottle
While a key part of ensuring network security lies in keeping unapproved software outside the company firewall, the applications that workers download to their computers can indicate gaps in the tools they need to work effectively.
MSN Messenger, for example, acts as a useful way for mobile and remote workers to keep in touch with colleagues while out of the office, and Skype indicates the workforce wants to make use of Internet telephony. Instead of banning these applications outright, consider how their functionality could be replaced by a Unified Communications solution.
5. Encryption – use it, don’t lose it
There will always be occasions when sensitive information must be exported from the network. Minimise the risks of losing the information by encrypting at rest. Effective encryption packages are readily available and offer a much higher degree of protection than relying on passwords alone which (as we already know) are typically only as strong as the user makes them.
Whether you are relying on mobile devices such as Laptops, PDA’s, CDs or memory sticks to transfer sensitive files, ensure you have an encryption policy in place, and educate users to understand and follow it.
