WFH: Remote Data Access and Data Security

This may be the single biggest concern you may have to address when looking at WFH. When your employees are working in your offices, you control their methods of access to company data. For example, when they are on-site, they access through a network you have secured. They visit via tablets, PCs and mobile devices that your IT department maintains. In other words, you have much greater control over data security.  Once access goes remote, data security becomes a bigger challenge.

Here are just three examples.

1. Employee knowledge of the potential risks to your data may be limited. Employees aren’t trained as experts in data security and are probably unaware of the many ways data may be compromised. As a result, when left on their own, they may be far more likely to inadvertently take actions that compromise your data or create vulnerabilities that would not be possible when on-site. As a result, if you go to WFH, you will have to provide ongoing training to everyone about the potential risks to company data and their responsibility to maintain secure behaviors.
2. IT has greater challenges overseeing security. Your IT department has a serious challenge in keeping up with data security. That challenge grows exponentially as your workers disperse to remote locations where IT has considerably less control over access tools and network connections. It is also much harder for them to update tablets, PCs, mobile devices, etc. with the latest software and security updates when that hardware is located who knows where. Again, this means pushing responsibility for upgrades and security patches onto individual remote employees.

   Companies that were designed around the model of onsite employees accepted as “normal” a paradigm of centralized control over the IT infrastructure by the IT department. With WFH, however, the IT infrastructure and its oversight become decentralized. IT management suddenly becomes even more complex, requiring far more planning and careful design than ever. With WFH there are far more moving parts.

3. The BYOD problem. BYOD–Bring your own device–is just an extension of the above two points. Once you allow employees to use their own devices for work, that makes decentralized IT support even more difficult. Not only does IT have to support devices remotely, they also have a wider range of devices to support. Handling this involves a calculus of interests you will have to weigh against each other. BYOD can save you equipment costs. It is also generally popular among employees.

   WFH increases your IT oversight costs and increases data security concerns. It is an issue that you have to consider when evaluating WFH policies.