Already 1 billion and counting worldwide, mobile workers will comprise one-third of the world’s workforce by the year 2013, according to a forecast from research firm IDC.
As mobile workers proliferate, they will continue to rely on a variety of internet-enabled devices to access essential information from the corporate network: This presents enterprises with evolving security challenges.
Mobile workers see the ability to "workshift," or work around their own schedules, as an advantage that benefits both themselves and their companies:
Although a mobile employee isn’t physically working onsite, he or she still has the right to equivalent protection of any staff member in the office. The mobile connectivity firm iPass refers to these rights as the "Mobile Worker Bill of Rights." According to the bill, the mobilocracy has the right to the following:
However, all companies agreeing to any such bill of rights have certain rights of their own:
To enforce adherence to this Mobile Employers Bill of Rights within your own office, create a usage policy - requiring employee’s signatures - that informs them of data security and physical security (e.g., only hands-free use while driving) measures required when using a mobile device for work purposes.
Enterprises should also educate mobile workers on typical social engineering threats like phishing and trick e-mails from spammers pretending to be financial institutions or utility companies. Encourage employees to notify the company of any suspected security compromises. The company should encourage a team concept when it comes to security - it is everyone’s responsibility and not just that of IT.
When providing devices for the workforce, make sure that the company pre-loads all devices with the necessary security software before giving them to staff. (IT can conduct these downloads much more efficiently than most employees.)
If mobile workers are selecting their own cell phones and tablets, the company should ensure that they adhere to the same security protocols, such as firewall usage, updated security patches, etc., as they would with any company-issued device.
Whether employees use their own mobile devices or firm-supplied units, the enterprise can use the cloud to deliver security protocols and to route all network requests through a secured connection.
By following these security precautions, the enterprise can help ensure that its rights, as well as those of its mobile workers, are protected.
By Phil Britt