- More porn sneaks onto the iPhone
- 'Swatting' case shows need to ban caller-ID spoofing
- Why the iPhone can't be "killed"
- Nortel enterprise chief wants to bring back Bay
- US sets final emergency responder wireless pilot
Allowing employees to work from home and telecommute poses security and privacy risks that are not being addressed adequately by business or government, according to a study released today by consulting firm Ernst & Young in partnership with the Washington-based advocacy group Center for Democracy and Technology.
The report, "Risk at Home: Privacy and Security Risks in Telecommuting," surveyed 73 corporate and government organizations to find out whether they had formal telecommuting security policies implemented in practice, and whether employees working from home were trained in protecting data. The report concludes this was too often not the case, putting business and government data at far higher risk than if appropriate security best practices were used in the home telecommuting environment.
"We identified some disconnects about recognizing risk areas and addressing it," said Sagi Leizerov, senior manager with Ernst & Young's advisory services group, about the findings in the report.
Ari Schwartz, vice president and COO at CDT, said the privacy-advocacy group assisted with the study to put the focus on determining what the best practices in telecommuting might actually be.
Schwartz said this question is of growing importance as the practice of telecommuting grows. He pointed out that security breaches have occurred in the context of telecommuting in the past two years, include well-publicized ones at the Department of Veterans Affairs and the National Institutes of Health, as well as at Blue Cross Blue Shield and the state of Ohio.
Neither Ernst & Young nor CDT is opposed to telecommuting, but Schwartz and Leizerov said the report's findings indicate the organizations surveyed often failed to adequately recognize the risks in telecommuting. They said telecommuting doesn't inherently pose more risk than office-based work, but it poses different risks that need to be recognized.
If setting policy is a starting point, organizations are slipping even on that. Only half of the organizations participating in the survey have even developed guidelines for telecommuting or provide guidance to their employees at all.
The survey looked at whether personal computers, portable devices and wireless networks were being used in telecommuting and which security controls were in place for them.
The Leader in Network Knowledge
Comments (8)
E911 and telecommutingBy Anonymous on August 7, 2008, 1:51 pmAnother important factor to consider when introducing telecommuting at an enterprise or organization is 911 service. While it is important to ensure that telecommuters...
Reply | Read entire comment
Sorry, but Telecom is good. . . By mak88 on August 6, 2008, 7:57 pmWell, telecom has revolutionalized the industry. So as with new inventions new problems come, deal with the problems, find solutions. And by the way, report isn't...
Reply | Read entire comment
Not surprising but maybe forgotten?By tuomoks on August 6, 2008, 7:47 pmI have been "telecommuting" since 70's, designing and creating environments to telecommute, moving from office to office, customer to customer, country to country,...
Reply | Read entire comment
Bluster and BS courtesy of EYBy Schratboy on July 30, 2008, 12:05 pmNothing new here, move along! A better title would have been: Users pose security, privacy risks! Technology and policy are relative. You can have the absolute best...
Reply | Read entire comment
throw the baby out with the bathwater...... an IT centrist approBy Anonymous on July 30, 2008, 11:13 amYes, indeed... it has finally come down to this... I call for a complete revolution; get rid of all e-mail attachments since they use too many computing resources,...
Reply | Read entire comment
View all comments