Employees bringing their work home or working from cafes, airports or other Wi-Fi-enabled areas are posing a security threat to their organisations, an IT expert has warned.
At a discussion in Dublin today, Citrix chief security officer Kurt Roemer said it is now commonplace for an employee to work outside their organisation’s premises and this transfer of data across unsecure networks poses major security problems for the IT department..
The answer is not for organistaions to prevent employees from working with company data on devices like their Blackberry or laptop, said Roemer, but instead to manage the device.
Essentially, from a corporate data perspective, a company can isolate different environments using virtualisation, with varying levels of access and security.
These areas, separate from each other, will not take the server or other applications down if they crash or are security compromised, he explained.
Roemer said that good practice would be to “define little microenvironments with the main work area”.
This security model can provide better data protection for an organisation while addressing the culture of take-home work.
For companies looking to an EU standard by which to develop a data security model, there is no enforceable one to speak of.
However, Owen O’Connor, vice-president of Information Systems Security Association, said that organistaions should evaluate on a function-by-function basis.
“They need to ask two questions: first, what are you absolutely required to do, and second, what risk would bring the business to a halt.”
He said that before something is done in Ireland regarding data and privacy legislation, it will take heads to roll.
Covering the issue of password protection and management, Roemer said he believed that abstraction is needed.
If all password control within the organisation is taken from the individual employee and central control is taken, the benefits are obvious, he said.
The worker would need only one token key to acces various programmes and accounts, while passwords are managed at the back-end.
By Marie Boran
