Are we too work-obsessed to be secure?

By Per Stritich, Vice President EMEA, OneLogin.

  • 8 years ago Posted in
What’s the first thing you do when you wake up in the morning? Do you pick up your phone to check social media, the latest news and weather? Or are you straight into work-mode?
 
The modern workplace is constantly connected. In many ways, connected devices are becoming an extension of our physical being, permanently within reach and “always on”. Increasingly, people sleep next to their phones, check devices at meal times, and even connect while on holiday. It is becoming almost impossible for many people to switch off from work in personal time and instead, working much longer hours.
 
The rise of the remote worker is of course helpful for an organisations’ productivity and is considered a step in the right direction for flexible working and a much desired good work-life balance for employees. However, as more of us adopt mobile working, it’s key to stop and look at the implications of constant connectivity and the effect it may be having on both the health of employees and the health of business security.
 
Never switching off
Many people feel under pressure to connect to work apps outside of work time, and this is having a significant impact on the work-life balance of employees. The workday may begin at 9am, but not at the office for many people. In fact, according to our recent research, for large proportion of people (26 per cent), work apps are the first thing they view on their mobile devices when they wake up. Some people even admit to checking their work apps more than they check their personal ones.
 
It has also recently been reported that working longer hours can in fact be harmful to our personal health[1] and that staying constantly switched on can heighten stress levels. In fact, our research shows that a third of us  worry that we are too connected and feel we should check our work apps less outside of work hours.
 
Although it appears that employees are aware of the effects connectivity is having on their own health, it seems that many do not realise what damage their work-obsessions is doing to the security of company data.
 
Surrendering security
Naturally, as work-connected devices leave the office, they are subject to access from various other, potentially unauthorised sources. Employees are likely to leave them on the kitchen side, in the bedroom – or even accidently on public transport. This in itself should start ringing security alarm bells for businesses as their data is ending up in multiple ‘wrong’ hands. This of course, wouldn’t be such a problem if employees were adequately protecting these devices.
 
Unfortunately, this isn’t always the case. Although the majority of employees have security software set up on the devices they use to access work applications, many of them are bypassing the most simple of security procedures – password protection and sharing. Our research shows that over a third of UK employees (35 per cent) would readily share their passwords for work-related technology (devices, apps and emails) with their close friends and family and 9 per cent would do so with colleagues, giving automatic access to sensitive corporate data.
 
It’s apparent that our constant connection to work has the potential to cause security concerns for businesses, but the pros outweigh the cons and remote working is certainly not on its way out. So what can businesses do to help secure data, while keeping workers flexible?
 
What can businesses do?
Businesses may well have policies in place about flexible working, and in addition a good manager should always keep a close eye on the hours employees are choosing to work. Consistently working early or late may be a choice on an employee’s part, but regularly working well beyond contracted hours is not a practice to be encourages.
 
In addition, businesses can put some measures in place to improve remote device security . While we all recognise that connectivity is crucial in modern business, it appears that the dedication we have for our work is putting corporate networks at risk.  Security is sometimes being overlooked for the benefit of convenience but the correct measures need to be put in place to ensure remote workforces are accessing data securely and that it’s not inadvertently or deliberately placed in the hands of others.
 
Employees are the most important resource to any company and at the same time the weakest link when it comes to information security, so rather than implementing complex security measures that discourage workers, security needs to be as user-friendly as possible. The quick implementation of an IAM solution and single sign-on technology is vital for those looking to get access under control and ensure employees aren’t putting data at risk, ensuring they are the only ones who can get their hands on it.
By Barry O'Donnelll, Chief Operating Officer at TSG.
By Dr. Sven Krasser, Senior Vice President and Chief Scientist, CrowdStrike.
By Gareth Beanland, Infinidat.
By Nick Heudecker, Senior Director at Cribl.
By Stuart Green, Cloud Security Architect at Check Point Software Technologies.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Damien Brophy, Vice President EMEA at ThoughtSpot.