Keeping remote work secure

Company culture, policies, education, training and IT infrastructure
By Michael Murphy
|Canadian HR Reporter|Last Updated: 09/18/2017
Remote Work
Security is a top barrier for business leaders when it comes to fully adopting less traditional working styles. Credit: SFIO CRACHO/SunnySideUp (Shutterstock)

Throughout the summer, companies likely saw an increase in the number of employees who chose to capitalize on the freedom to work remotely. Summer often means more flexible schedules — from working on a patio to working in-between errands or checking in with the office from the cottage.

More employees are requesting flexible work policies to enhance productivity and work-life balance. Companies, recognizing those same benefits, are granting them just that.

While new apps and devices offer benefits for the employer and employee in the realm of remote work, companies must ensure their corporate culture, policies and technology evolve equally as fast to address and overcome modern challenges. Both flexible work and security have become drivers of business value, and companies that thrive in both areas will become the true leaders of the mobile movement.

Growth of remote work

Almost one-quarter of global executives said that at least 20 per cent of their workforce is remote most of the time. Another 70 per cent said a similar number of employees are remote at least some of the time, according to the 2017 study Building the Digital Workplace conducted by Oxford Research for Citrix.

In fact, 48 per cent of executives said they let employees choose their hours, as long as the job gets finished.

The new era of digital workspaces is changing the dimensions of how and where work is done. With less structure and more technology at their fingertips, employees can tackle their work in modern ways, through less formal work schedules, informal office layouts optimized for on-the-go workers, and options to work outside the office altogether.

It’s clear that work is no longer constrained by physical locations, and everyday life is no longer limited to the rigid nine-to-five schedule.

With digital workspaces, companies can widen the pool of available workers from different geographies or other limitations, and attract top talent by offering flexible policies employees crave. In fact, digital work helps employees to solve problems more creatively, provide better customer service, and collaborate more effectively, found the Oxford survey.

Security concerns

However, security is a top barrier for business leaders when it comes to fully adopting less traditional working styles. In Canada, many companies see security as the main reason for keeping employees in the office, along with the cost of technology and management culture.

And how can you blame them? With global cyberattacks constantly in the headlines, breaches and hacks are a reality of today’s digital landscape. Letting employees access data from outside a work server, allowing them to use personal devices for work or share files between different hardware can seem like just another headache for the IT department. Moving to digital work, without having proper protections to support the transition, can indeed put companies at risk.

Contingent employment can add another challenge to corporate security. Contract, freelance or project-based employees can pose a risk if they bring their own devices, or have inadequate training on the security systems of the company. And if not given full access to company files, they can open servers up to a threat by accessing their own unsecured data. Building the Digital Workplace found that only 28 per cent of those surveyed provide training on technology to contract workers.

The good news is that when it comes to securing digital workplaces, mitigating the risk of cyberthreats does not mean making policies stricter or pouring more money into the IT budget. Rather, it’s about making company culture and policies, education and training, and IT infrastructure more effective (rather than more expensive) and better aligned with the dimensions of the modern workplace.

Taking a holistic approach

For companies that are serious about security, this can only be done by taking a proactive, holistic approach to security that engages the IT department, the HR department and C-suite executives.

First, companies must foster a firm corporate culture around security. This means: updating policies and procedures to secure mobile technology; an overall risk strategy to account for mobile workers and virtual workspaces; and a process for effectively managing the use and security of employee-owned devices.

Importantly, fostering this culture of “security first” must begin from the top down. C-suite executives must lead by example — whether that’s refusing to mix work and personal email, regularly updating passwords, or attending security seminars and training sessions. With top leaders leading the charge, employees will see security as a company mandate where all are accountable, rather than something owned by one department.

Second, companies must offer adequate training and education about security in the workplace. While it’s often thought companies’ biggest enemies are malware or hacking, it is human error that continues to be a main factor in cyberbreaches. And through threats such as such as social engineering, phishing and spear-phishing, the human factor has an important role when it comes to protecting company data.

With remote workers, it may be easy to loosen up on security practices with an “out-of-sight, out-of-mind” mentality. But a corporate culture with an embedded security element, supported by a communication plan — where employees are updated on security protocol and educated about the sensitivity of corporate intellectual property and security best practices — will encourage employees to put security first.

Lastly, a secure digital workspace needs effective technology that minimizes the opportunity for a breach from the get-go, and allows for speedy resolution in the case of an attack. For example, with desktop virtualization, companies host their company apps and data, then provide virtual access to employees regardless of their location or  the device they’re using.

The security benefits are two-fold. First, virtualization means companies avoid security threats in case of lost or virus-infected devices as corporate data is stored in a centralized, secure data centre. Second, since all updates are done virtually from the data centre, workers are no longer left with the responsibility of applying security updates and patches on their devices, apps and operating systems.

With proper technology, security can lessen the burden on both IT and individual employees.

Michael Murphy is a vice-president and country manager at Citrix Canada in Toronto. For more information, visit www.citrix.com.

Add Comment

  • *
  • *
  • *
  • *