With the evolution of the technological landscape, it has become possible for business enterprises to go global.
A key function of the operations models of blue chip corporations and micro, small and medium enterprises is leaning towards remote work. While this has allowed business growth by tapping into global talent at scale, create value for customers, reduce manpower costs, improve quality of products and services and achieve higher productivity, it has also considerably raised the risk profile of these businesses than what they would ideally like.
Cisco Systems had commissioned a survey of more than 10,000 respondents doing remote work across the United States of America, United Kingdom, Japan, China, India, Brazil and France. Some of the major observations of the survey were as follows:
- 40% of the respondents said that they had used their work computers for online shopping.
- 21% of the remote workers said that they had allowed others to access and use their work computers.
- 10 %of the remote workers said that they had used their neighbours’ internet connection for work without seeking the latter’s’ consent and them not being in the know how.
- 10 % of the remote workers in India and 20% of the remote workers in China said that they downloaded unknown email attachments.
Assessment of Cyber Security Risk Factors and Challenges
A report published by the NITI Ayog, Government of India defines the cyber space as the connected internet ecosystem. The report asserts that there are 3 major trends exposing critical information technology infrastructure to cyber security risks: interconnectedness of sectors and devices, proliferation of exposure points and concentration of assets.
In fact the observation on threats to online security emanating from connected devices finds wholesome consensus in another report published by Ernst & Young (EY). The EY report categorically asserts that 70% of IoT devices contain vulnerabilities that lead to leakage of IP, confidential customer data, insights on financial transactions and payments and receipts archives of business enterprises and identity theft.
Verifying Observations against Empirical Evidence Available
How do these observations stack up against the empirical evidence that is available? How serious is the threat of identity theft to online businesses emanating from leveraging remote work? What do the numbers suggest?
Insights available from the Credit Fraud Avoidance Scheme (CFAS) suggests that 791 million identities were stolen in the United States of America in the year 2016, 4 million accounts were taken over leading to losses of over USD 2 billion in the year 2015 and 500 identities were stolen every day in the United Kingdom.
What Can Online Businesses Do to Mitigate Risks of Remote Work?
Given the insurmountable evidence pointing at the red flags raised by the increased risk profile of remote work for online businesses, it makes enormous good sense to assert that certain proactive measures need to be taken. We take you through some of the measures that entrepreneurs can take in their personal capacity while leaning on remote work:
- Non Disclosure Agreements: It is advised that entrepreneurs resort to entering into a standard non disclosure agreement with remote workers and hold them accountable for handling of business data, especially in cases involving sharing of IP, brand content, customer data and financial data. While many emerging economies are still evolving in terms of the business regulatory framework required to safeguard online businesses, one cannot deny the importance of holding remote workers accountable for being more careful with business data, personal device usage and shared resources.
- Take Subscription of Cloud Apps: There are several cloud applications that allow small businesses to upload, create retrieve and share data with users on a subscription pricing based on the number of users. The Google drive suite for businesses is a decent option that allows remote workers to access data on a need to know basis at reasonable costs. Microsoft also offers a highly secure cloud app for businesses.
- Mandate Workers to Connect with VPN: Public internet network are highly susceptible to malicious attacks and data theft. Entrepreneurs can make it mandatory for remote workers to connect to the internet with a VPN. VPN creates a layer of network security between the connected device and the LAN of the user by encryption for the messages that travel back and forth and limit the probability of cyber crimes.
- Use Full-Disk Encryption Software: It is advised that entrepreneurs request remote workers to lean on full-disk encryption software for added security of their personal device. There are some highly reliable encryption software products that are available absolutely free such as BitLocker for Windows 7, TruCrypt for Windows, Mac and Linux and FileVault for Mac users with Lion.
- Subscribe to Secure CRM Software Apps: Customer data and purchase archives are best store on known and reputed CRM software products and applications like Zoho CRM, Recurrly and Salesforce that allow entrepreneur to limit the access data based on pre-defined profiles.
- Keep Your Firewall and Total System Security Updated: Again a basic system security requirement that entrepreneurs should ask from remote worker is to use updated firewall software and total system security software products that defend their personal devices for work from viruses, malware and worms.