Friday,
May 09, 2014
According
to the 2014 National Study of Employers sponsored by the Families and Work
Institute, 38% of employers allow some employees to “Work some regular paid hours
at home on a regular basis”. Meghan Biro,
writing for Forbes, claims, “Telecommuting Is The Future of Work”. Despite Yahoo’s Marissa Mayer, The New York
Times proclaims, “It’s Unclearly Defined, but Telecommuting Is Fast on the Rise”. So if everyone is working from home and telecommuting,
where are all those drivers headed this morning I saw on my way to the office?
With
all of the excitement about working from home and telecommuting, a.k.a.,
“distance employment”, where’s the data security. If our credit and ATM cards are not safe at
major retailers, how can our security be any better around corporate
proprietary information and employee data?
It is almost a routine occurrence that an unencrypted laptop is stolen
from some unsuspecting employee’s locked car.
The U.S. Department of Health and Human Services’ Office for Civil Rights has oversight authority for data breaches of HIPAA violations associated
with protected health information (PHI) and routinely collects hundreds of
thousands and even millions of dollars in fines for data breaches.
Oh,
you’re safe you said because your laptop did not contain PHI. Increasingly, states are passing personal data
breach laws involving other kinds of data.
Florida just passed (awaiting signature) a law covering the unlawful release
of Social security numbers, driver’s license numbers, Florida Identification
Card numbers, account numbers, credit card numbers, debit card numbers, security
codes, access codes, and passwords. And
Florida is not alone, in fact, according to the National Conference of State Legislatures, “Forty-seven states, the District of Columbia, Guam, Puerto Rico
and the Virgin Islands …” have some form of personal data breach notification
law on their books.
So,
before your organization sends Bob off to work remotely at his home with a
laptop or remote connection, not only must you consider the work rules but you
need to have secured any data on that laptop and any Internet connection he may
use. Consider that Bob may decide to
work remotely from his local coffee shop and take full advantage of their free Wi-Fi while he polishes that spreadsheet on employee health care claims, or
that acquisition or analyzes data on your customer’s credit card transactions. Unprotected public Wi-Fi networks have the
potential; to steal more that your credit card number.
As
employers struggle to meet the demands for top talent, they struggle to find
ways to attach and retain such talent with flexible work arrangements. Working from home and telecommuting makes for
an attractive incentive to entrance that top talent to join the
organization. Being seen as an “employee
and family friendly” workplace is important to many employers today. However, a careless moment can result in a stolen laptop, or a discovered back door into your organization’s otherwise
secure network.
No comments:
Post a Comment