Protecting the company as employees travel during the holidaysby Steve Ragan - Dec 9 2009, 22:00
As the holidays move forward, businesses will want to protect their employees and their assets as they move around the country. While the holidays are supposed to be for relaxation and family, the reality of it is that the majority of those traveling this season will be taking their work with them.
The Tech Herald was interested in some measures a business could take during the holiday season to protect company information and assets. Lucky for us, one vendor who has a knack for this line of protection offered their opinions.
“Employee holiday travel presents a significant threat to corporations in the form of unintentional data loss, leakage, and privacy problems, as more and more employees work remotely and travel during the holiday season,” said Gregory Shapiro, the Vice President of Engineering, and Chief Technology Officer at Sendmail, Inc.
“For this reason, the strategy for any corporation with employees traveling over the holidays should include security and policy setting. It’s important to put practices in place to secure sensitive data and to avoid data loss—all to help ensure a less hectic holiday season.”
Shapiro suggested that businesses should create a set of policies outlining acceptable use of data as well as data responsibility while employees are traveling and using corporate devices. If such policies exist, now is the perfect time to revisit their effectiveness, he added.
One possibility is to consider restricting access to corporate information.
“While employees are traveling, access restrictions will protect proprietary data from getting shared or transmitted unnecessarily, without impacting an employee’s ability to get their job done,” Shapiro said.
While the staff is on the road with their laptops working, it may not be necessary for employees to be able to log into servers and access all of that information, he explained.
“In the event that access to the back end files is needed, consider using other means such as a read-only file system export. It may also be necessary to implement a form of endpoint protection for employee computers and mobile devices if connected to corporate email and data.”
According to a survey released last year by the Ponemon Institute, close to 637,000 laptops are lost each year. As we are talking about travel, the fact from the survey that laptops are most commonly lost at security checkpoints fits well here. The survey said that close to 10,278 laptops are reported lost every week at 36 of the largest U.S. airports, and 65-percent of those laptops are not reclaimed.
With that in mind, Shapiro had some other tips, and mentioned that travelers could back up their data to minimize the risk of data loss in the event that their device is stolen or lost.
Encryption, a long time security favorite in the enterprise, is an important example of endpoint protection, Shapiro said. “One of the benefits of endpoint protection is that an employee has the ability to perform a remote data erase if a device is lost, which is especially important when traveling.”
While some security vendors offer remote erase, not all of them do. So make sure you check each candidate out if this is a feature you want use with remote users. Nothing is easy when it comes to data protection, and there is no silver bullet to be offered. Yet, as mentioned by Shapiro, using layers, developing solid policy, and setting expectations is a great start.