The survey reveals worrying levels of technological confusion and cultural inertia in an area vital for the future of UK Plc.
SC Magazine has teamed up with Symantec Hosted Services to survey the attitudes of security professionals to the impact and security implications of increased mobile working.
The full results (see link below) are worth some interpretation and analysis. Despite the hype and the so-called advantages of remote working (cost savings, happier employees etc), remote or out-of office working is still relatively rare. Almost half our respondents (44 per cent) said that less than one-fifth of their employees work away from the office for one day or more per week, while only one-tenth had more than 80 per cent remote working.
So despite the growth of broadband and more secure VPN connections, we are still very much wedded to the office and commuting. It's as much a cultural barrier as a technological one – it may take another generational shift before we shed all our prejudices against remote working: people cannot be supervised, there are too many distractions etc.
The survey backs this up. When asked what they considered the biggest threat posed by remote access, the largest group, 34 per cent, replied that it was ‘inappropriate use', such as file sharing, above ‘system infection' on 28 per cent.
A significant number (17 per cent) also listed ‘reduced productivity' as a threat. Taken together, these figures suggest that security managers are more worried about the cultural risks – and their own prejudices that mobile working stirs up. They also enforce an acceptable use policy (AUP) for remote users by controls on remote users' machines.
So it would appear we are some way from an enlightened remote-working culture. This needs to happen – not just for the health of individual companies, but also for the country as a whole.
We have a growing UK population and a transport infrastructure that is not yet fit for purpose. And yet we already have the technology to maintain a larger percentage working remotely – particularly from home offices. Faster broadband is on the way for major metropolitan areas.
Indeed, 80 per cent of respondents expect the number of remote users to increase – which suggests that companies need to start thinking today about how to adapt security policies to accommodate working away from the office.
Even now, according to our survey, those accessing the enterprise remotely are logging in to those applications at the heart of any business – HR, finance, purchasing etc. These are business-critical and require suitable protection.
On a more optimistic note, some 65 per cent now allow employees to use their own devices for work either ‘always' or ‘subject to their role or activity'. This suggests that a degree of enlightened thinking is permeating security circles.
However, the sting in the tail is that some 60 per cent are not that confident that their endpoint protection is up-to-date. This is fundamental – remote working is going to remain at the starting gate if we cannot ensure that basic security hygiene is taken care of. Security managers need to start that now.
Overall, the survey betrays a mixture of technological confusion and cultural inertia. The idea of remote working and BYOC (bring your own computer) appeals, but big shifts in security thinking need to take place – and quickly.
The Survey Dissected
The survey ran during October 2010 on the SC website and analysed the responses of 162 visitors.