The number of mobile workers across the world will have grown to more than one billion by 2011.

According to IDC, the number of mobile workers across the world will have grown to more than one billion by 2011. This growth is driven by the significant benefits that mobile working can bring but as ever, there is a downside. Every time a remote worker opens an Internet link to their company’s computing infrastructure, a security risk is also created.

Why mobile working?
Flexibility has become a requirement of success in the globalised marketplace. In his book, The World is Flat, Thomas Friedman comments, “It is now possible for more people than ever to collaborate and compete in real time, …on more kinds of work, from more corners of the planet and on a more equal footing, than at any previous time in the history of the world.” It is vital to participate in order to gain and/or retain a competitive business edge.

Many workers must adapt to a global schedule and employers need to give them the flexibility and tools to do so. Today’s communication technologies allow for successful and efficient integration of remote, mobile and third party overseas workers into business operations.

Security risks never go away
While the case for increased telecommuting is substantial, the security risks that come with it must also be considered. Mobile workers require real-time communications to get their jobs done effectively.

While many companies have implemented enterprise solutions for voice-over-IP and VPN access to company information, others are also using consumer-based or hosted technologies like blogs, wikis and cloud storage to carry out their work.

These tools are being accessed on laptops and mobile devices through public Internet points.  While providing many benefits to workers, all of these communication technologies present serious risks to company networks.

VoIP
Firstly, using voice-over-IP solutions in the workplace provides the ability to transmit more than one phone call over a single broadband connection, free or inexpensive conference calling, location independence and advanced telephony features like call routing.

An important advantage of VoIP is the ability to secure calls with standard protocols. This does not, however, mean that the connection is automatically secure.

It is still necessary to encrypt and authenticate the data stream.  Varying quality and feature richness of VoIP solutions mean that some products have great encryption built in, while others are lacking in this area, leaving sensitive phone calls open to other listeners.

For those VoIP users that do not have built in encryption or wish to add another level of security to a moderately secure connection, Internet dedicated security appliances are needed to secure the VoIP line.

VPN access and hosted applications
As far as the less the latest forms of communication applications (blogs, wikis, etc.), telecommuters typically use a mobile device, such as a laptop or BlackBerry, and an Internet connection to access them. This poses several problems.

There are some things you just don’t want to share with the Internet, and moving workers outside of the secure office network means that documents, emails, conversations, etc. can be up for grabs. When an employee connects to the Internet at the airport, hotel or  coffee shop, his connection is wide open.

If he decides to send private materials—such as financials, progress reports, sales leads or forecasts—to the company network, anyone can grab these private documents through the unencrypted connection. If hosted applications and data are not encrypted (perhaps only password protected) and the employee retrieves a company document through an unsecured connection, this document is also up for the taking.

The best solution to this problem is for mobile workers to use encryption and always connect to the company network through a secured VPN tunnel.

Malware
The use of the unsecured Internet and mobile devices by telecommuters also means that malware can become a big problem for the company.

Regardless of how much time, money and effort is spent on securing a company network, a worker that connects his laptop to his neighbor’s wifi can quickly infect his PC with innumerable viruses, worms, Trojans, etc. When he connects to the company network, any infections on his laptop are easily injected into the network.

According to an InsightExpress survey published by TechWeb, most workers believe that wireless security is the responsibility of the IT department.

The survey results indicate that most employees do not consider Internet safety outside of the office: “73% of mobile users said they are not always aware of security threats and best practices when working on the go.” While sometimes is better than never, another 28% of survey respondents said they “hardly ever” consider security risks or proper behavior when working out of the office.

In order to protect the company’s network from malware on infected mobile devices, you should choose a security solution that decrypts VPN traffic before sending it through intrusion detection. This type of solution will be able to catch malware before it reaches other users.

Conclusion
Although these are only a few of the network safety concerns of mobile workers, implementing a solution that will secure VoIP, provide secure VPN connections and decrypt VPN traffic prior to intrusion detection will go a long way to protecting a company’s network. The rate of mobile workers is only expected to rise in the coming years; taking action now will set up a network for easy and safe mobile access and prepare any company for the continued shift in working practices.

Share this: digg   del.ico.us   Newsvine   Reddit   Furl   technorati   Facebook

Comments (1)

Subscribe to this comment's feed

Name (required)

Email (required) (not published)

Website

Title

POST

By posting on this website you are agreeing to abide by our website comment policy and all posts are subject to the approval of the website editor. We will remove posts that contain offensive or threatening language, personal attacks on the writer or other posters, posts that are off topic and posts that are considered spam or specifically used to promote any commercial products or services. Any poster who repeatedly contravenes the policy will be banned from posting on the website.