About 70% of Cisco Systems employees work from home at least 20% of the time, but you would never guess that after reviewing an alarming Cisco study that paints remote workers as ignorant about online security.
The study of more than 2,000 remote workers and IT professionals from various industries shows that remote workers’ security awareness and online behavior may inadvertently heighten risks for themselves and their employers.
Spanning 10 countries — the United States, United Kingdom, France, Germany, Italy, Japan, China, India, Australia, and Brazil — Cisco security executives report that workers’ perceptions of security threats are softening. And more than 50% of IT respondents believe their remote workers are becoming less diligent toward security awareness, an 11 percentage-point increase from the year before.
These numbers come in the wake of The Computer Security Institute’s 2007 computer crime and security report, which shows that the number of financially motivated attacks (i.e., identity theft) surpassed “traditional” attacks (i.e., a computer virus) for the first time in the survey’s 12-year history.
“While working at home, people tend to let their guard down more than they do at the office, so adhering to security policies doesn’t always intuitively seem applicable or as necessary in the private confines of one’s home,” says John Stewart, Cisco’s chief security officer.
Still, remote access and distributed workforces are here to stay, Stewart notes.
“Businesses have the opportunity to benefit from productivity increases while preventing security risks from undermining them. This study provides intelligence and recommendations for understanding and minimizing risks as businesses allow employees to branch out beyond the traditional office. It explores their remote workers’ psyche and provides valuable information about their approach to security.”
Work Locally, Think Globally
Give them their freedom and they will love you for it, according to Michael Haaren, who writes the popular Rat Race Rebellion newsletter.
“The primary advantage to using remote workers is productivity. Almost every significant study shows that remote workers are more productive than office-bound employees. That productivity flows primarily from employee satisfaction and loyalty,” he says.
Indeed, an extensive review of 12,883 employees, published in the Journal of Applied Psychology, adds to this theory. The researchers point to common-sense principles in why telecommuting makes sense: reduced stress, increased productivity, improved work/life balance, and better relationships with supervisors.
Haaren advises that corporations should not panic: remote workers do not necessarily cause massive security breaches.
“The anxiety stems primarily from new managerial processes rather than logistical issues. The primary risk of remote work isn’t a security breach, it’s entropy — a loss of team and corporate cohesion, energy, purpose,” he says.
“But any good leader can keep the glue firm with timely and meaningful face-to-face sessions. The trick is to know when and where to meet, and what to say when you do. That’s all,” adds Haaren.
That might be all, but this still means that companies will face new challenges as they find enough of these “leaders” to manage the impending boom of remote workers: research firm Gartner pins the number at 46.6 million telecommuters by the end of 2011.
“The key to enforcing online discipline — or any protocol — with remote employees is to tie the spinach to the lemon meringue pie: If you want to keep working offsite, follow the rules,” adds Haaren.