2011: The Year of the Mobile Worker
Mobile Workers and their employers both have rights
Already 1 billion and counting worldwide, mobile workers will comprise one-third of the world’s workforce by the year 2013, according to a forecast from research firm IDC.
As mobile workers proliferate, they will continue to rely on a variety of internet-enabled devices to access essential information from the corporate network: This presents enterprises with evolving security challenges.
Mobile workers see the ability to "workshift," or work around their own schedules, as an advantage that benefits both themselves and their companies:
- Thanks to Wi-Fi and mobile technology, off-site employees can be productive in a number of locations such as coffee shops, in transit or at the airport, folding in a convenient layer of flexibility into the mix.
- Mobile employees can work unconventional hours and navigate around personal schedule conflicts. This type of "give" allows them to produce deliverables on time despite unexpected turns of events.
- "Smart" mobile devices enable workers to access important non-company websites, such as airline sites, as well as the company network. So there is no need to call the office to schedule travel or to have someone - and there may not be anyone available - look up corporate, flight or other information.
- A high percentage of mobile workers "thank" the company for this flexibility by working more than 40 hours a week.
Mobile Worker Bill of Rights
Although a mobile employee isn’t physically working onsite, he or she still has the right to equivalent protection of any staff member in the office. The mobile connectivity firm iPass refers to these rights as the "Mobile Worker Bill of Rights." According to the bill, the mobilocracy has the right to the following:
- To stay connected
- To choose the mobile device to use
- To access the best carrier networks and services
- To IT support
- To a secure mobile experience
- To use the mobile service with the company footing the bill
Mobile Employers Bill of Rights
However, all companies agreeing to any such bill of rights have certain rights of their own:
- To only permit authorized access to corporate data
- To require mobile workers to use the latest firewalls, patches and security protocols to access the network
- To require mobile workers to use strong passwords for identification to access the network
- To maintain a central database for authentication, so that the company can approve and just as easily revoke authentication across the enterprise and across all integrated systems
- To deletion data from endpoint devices in the event that they are lost or stolen
- To block any communications to any devices or employees not adhering to any of the above policies
The next step: your security policies
To enforce adherence to this Mobile Employers Bill of Rights within your own office, create a usage policy - requiring employee’s signatures - that informs them of data security and physical security (e.g., only hands-free use while driving) measures required when using a mobile device for work purposes.
Enterprises should also educate mobile workers on typical social engineering threats like phishing and trick e-mails from spammers pretending to be financial institutions or utility companies. Encourage employees to notify the company of any suspected security compromises. The company should encourage a team concept when it comes to security - it is everyone’s responsibility and not just that of IT.
When providing devices for the workforce, make sure that the company pre-loads all devices with the necessary security software before giving them to staff. (IT can conduct these downloads much more efficiently than most employees.)
If mobile workers are selecting their own cell phones and tablets, the company should ensure that they adhere to the same security protocols, such as firewall usage, updated security patches, etc., as they would with any company-issued device.
Whether employees use their own mobile devices or firm-supplied units, the enterprise can use the cloud to deliver security protocols and to route all network requests through a secured connection.
By following these security precautions, the enterprise can help ensure that its rights, as well as those of its mobile workers, are protected.
By Phil Britt