A number of enterprises are considering a telework option. However, while teleworking improves overall productivity and morale, from a security pro's perspective, the worry of trading security and visibility for productivity is a nightmare. Just imagine unsecured data floating from employee to employee all over the world.
Organizations already struggle to have visibility into their remote offices, but with the growing popularity of teleworking, they will now need to gain visibility into security events and incidents occurring at possibly thousands of additional locations. Whether you're a federal agency looking to deploy a large mobile workforce or a small or midsize business trying to offer employees more flexibility, your IT team needs to start by examining old security policies and make updates to accommodate the new virtual employees.
Before companies can put policies in place, they need to take a look at the organization's total technology picture. What equipment is deployed and where? What kind of data is in use? How do you identify risks and threats?Once you gain visibility, it will be easier to develop the necessary policies to implement a plan for enhancing the security architecture. While such tools as endpoint protection, NAC and IPS can significantly reduce risk, they must work hand-in-hand with policies. Most employees don't ever think about security, and it is vital that they understand the risks associated with computing from home and the policies that are in place to guarantee that they are working securely.
Deploying and maintaining secure virtual offices is a large task at hand, but with the right policies and tools in place, it is becoming doable for organizations of all sizes from every sector.
