“Mobile working is an interesting issue because it has grown rather organically; almost a natural progression from the mass take-up of mobile phones for personal use from the late 1990s to now. So naturally, businesses have developed routines that don’t naturally lend themselves to achieving such huge cost savings, leaving senior management to deal with the consequences. Possibly the most important issue is combating bad data transfer habits,” he said.
Yeoman continued: “Despite the subject coming up time and again, staff that have been working out of the office on smartphones and tablets for a while – often off their own back before protocol is introduced – are continually putting business critical data at risk. Once there is a breach caused by a lost USB stick or a phone left on a train seat, the costs can be insurmountable, completely rendering the efficiency savings redundant. Too many workers are still expected to determine their own method for transferring data off site, and are free to make their own arrangements for its storage whilst off-site. Particularly at home or when travelling, this can often lead to complacency and so a real risk to the business. The problem is many firms automatically want to put a bandage on the wound with verbal codes of practice that eventually get ignored again.”
“Firms often make the mistake of viewing data security as an on-site issue. Businesses must accept that every document that leaves the premises comprises a risk – even if it is just being viewed remotely on a tablet, that tablet still holds a cache and it can be retrieved by anybody once accessed, without the proper security measures. Before allowing the workforce remote access to important data and information, it is essential to conduct an audit to identify how your staff currently transfer and handle business data outside of the workplace. Consider tracking what files are leaving the network and with whom – make sure employees can’t save documents onto tablets, phones and laptops,” said Yeoman.
He explains: “Firms can only expect robust data protection if they properly support their employees whilst off-site – that means providing best-practice education, and methods that are safe and user friendly for non-technical staff. Virtual private networks offer a secure data connection to authenticate and encrypt sensitive business data, and there are web-based services that can safely transfer, store or back-up work documents whilst outside of the office. This all completely negates the need to work locally and save documents in insecure environments,” concluded Yeoman.