Telecommuters are nothing new at TriNet Group, a human resources outsourcer in California, U.S. In fact, a significant part of the company's workforce operates remotely, either out of their homes or in small satellite offices, all on laptop computers, according to Bob Dehnhardt, the company's network and information security manager.
But over the past 18 months, Dehnhardt has grown increasingly concerned about the rising number of mobile computer security breaches in the news, most notably the theft of a laptop and external drive from a U.S. Department of Veterans Affairs employee -- an incident that compromised the personal data of 26.5 million veterans and military personnel. So last year, he helped institute a series of security policies, including a requirement that all employees who work at home must sign a contract. One of the contract's provisions states that such employees must be willing to open their homes for inspection.
"Working from home is a privilege, not a right," Dehnhardt says. "It has numerous advantages to both the employer and the employee, but it also constitutes a very real security risk for the company. There have to be rules and policies in place to protect the employer from this risk, and both parties must agree to them."
But TriNet is ahead of the curve in home-worker security. Despite network attacks, virus onslaughts, data loss and other hazards that remote users can introduce, many U.S. companies haven't bothered to establish security policies for teleworkers, according to Runzheimer International, a provider of employee mobility products and services. In Runzheimer's 2006 survey of 87 organizations with mobile workers, 62 percent of respondents said they were concerned about the security of company assets located off-premises, but only 46 percent reported that they have a virtual office policy.
"A lot of companies are just hoping that nothing will happen," says Jack Gold, a mobile technology consultant at Runzheimer. "And yet for a reasonable amount of effort, they could eliminate 90 percent of the potential problems."
For starters, telecommuters should use only company-owned equipment for their work, not their own home computers, Gold says. That way, IT can ensure that the equipment is loaded with virus protection software and other control devices. By keeping operating systems and application versions standardized, IT can also centrally manage virus updates. "If you rely on the end-user community to take care of their own systems, you're in trouble," Gold says.
At TriNet, telecommuters use centrally managed laptops. "This gives us a means of enforcing policy, since we own the equipment, and it also reduces the workload on our support people, since they don't have to troubleshoot why Billy's World of Warcraft installation broke our critical internally developed application," Dehnhardt says.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Vignette Announces 2008 Excellence Awards 2008-11-21 10:50:00+11
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 2008-11-20 17:34:00+11
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 2008-11-20 12:06:00+11
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 2008-11-20 12:04:00+11
AARNet Brings 4K Digital Cinema to Australia: First 4K HD Video Signal delivered into Australia by AARNet 2008-11-20 12:02:00+11
Enterprise Wireless WLAN Security
Learn more about the security challenges to be faced when defining and implementing security mechanisms within diverse wired and wireless network environments. Download this must-read guide to plan your wireless data protection strategy now.
Buying Guides
Latest Products
Buying Guides
