Art byHurca

Enjoy the freedom of workforce mobility, without compromising on information security

Workforce mobility empowers employees with improved productivity and morale, but it also introduces fresh security challenges that organisations need to overcome.

Workforce mobility empowers employees with improved productivity and morale, but it also introduces fresh security challenges that organisations need to overcome.

Imagine cutting out two hours of your daily commute and working in an environment where you’re most comfortable, using the device of your choice at the time when you’re at your best. Whether that’s something as outlandish as getting out your laptop while enjoying the sun at the beach, or somewhere more down-to-earth like heading to the nearest co-working space, workforce mobility is far more than just a trend. It’s the future of work in a world where the soulless office cubicles and noisy open office spaces of old are rapidly disappearing.

Empowered by modern technology, mobile workers now account for almost 40 percent of the global workforce, and it isn’t showing any signs of slowing down. In fact, entire businesses are going remote, tapping into talent from around the world to drive growth and reduce operational costs by doing away with bricks and mortar for good.

It’s a win-win for everyone: employees are better positioned to find the optimal work-life balance, while their employers benefit from greater productivity, engagement and loyalty. We live in a world where we can work anywhere and where everyone’s connected – that’s the future of the ‘office job’.

But there are challenges

There’s a lot more to enabling remote work than just giving all your employees a smartphone or introducing a bring-your-own-device (BYOD) policy. It requires a fundamental culture change where business executives lead by example by adopting workforce mobility for themselves, while administrators find ways to retain control over their digital assets.

The fear business leaders have of losing control is perhaps the biggest blocker to workforce mobility. After all, using mobile devices in the workplace expands attack surfaces substantially, giving cybercriminals many new opportunities to exploit what is often your most valuable asset – data. Add remote working into the mix and you’re presented with yet another problem: people connecting to company resources over unsecured home and public networks. Oh, and your expensive mobile devices? They have a bad habit of getting lost or stolen.

Leading the way with scalable cybersecurity solutions

Workforce mobility is fast becoming a business imperative. And though there are undoubtedly some serious challenges to overcome, the advantages far outweigh the disadvantages. With the number of connected devices currently standing at 3.5 for every person on Earth (a number that’s increasing exponentially), information security, just like any other essential process or system, needs to be scalable, multilayered and centrally managed.

Employees on the frontlines of information security

Let’s face it: many of us are guilty of developing some pretty appalling mobile security habits. Over a quarter of us don’t even lock our smartphone screens, despite mobile devices being so widely used for everything from business email to personal banking. When you consider how often these devices are reported lost or stolen, it’s easy to see why that’s a big problem. Losing the value of the device itself is nothing compared to hackers or other unauthorized third parties having access to every connected account and file stored on the device.


When you have people who work remotely routinely accessing your company systems, you need to lay down ground rules. That’s why implementing a robust BYOD policy is a critical starting point. This policy should clearly state which devices and apps are allowed, which security measures must be in place, and how corporate data can be shared. For example, you probably won’t want remote-working employees accessing your data from a jailbroken iPhone or from an ancient laptop with a long-obsolete operating system.

Regaining control over security with mobile device management

Having a policy that your employees are well-versed in is essential, but we all make mistakes. Just like business leaders, your remote workers don’t want to be living in constant fear that a single mistake could leave the whole company open to a data breach.

Today, IT administrators need to maintain visibility of their digital assets across a constantly expanding array of different devices and operating systems. Mobile device management (MDM) is the technology accompaniment to your BYOD policy in that it helps enforce the rules while allowing administrators to keep track of their apps and data. MDM lets administrators monitor, manage and secure devices used for work and grant or revoke access rights as required. If a device is reported lost or stolen, for example, they can remotely wipe it and revoke access rights to any online accounts from that device.

Plugging the leaks with data loss prevention

While the tired stereotype of the hooded hacker – he’s lurking in a basement staring at lines of code fleeting across a monitor – still reigns supreme, most cybercriminals don’t actually know much about hacking at all. In fact, 90 percent of attacks include a social engineering element. Rather than trying to exploit weaknesses in technology, they’re exploiting human ignorance in the hope of luring their victims into taking their desired course of action.

Often, it’s the easiest thing in the world for a scammer to dupe their victims into giving away confidential information over unsecured channels, especially if they’re impersonating a colleague or a representative from an organisation they know. For example, if an employee receives an email from someone masquerading as a technical support agent from a known service provider asking for remote access, there’s a good chance someone will fall for it. If that happens, the attacker may be able to gain access to the entire business network via a compromised employee-owned laptop.

Data loss prevention (DLP) offers a rule-based approach that automatically detects and prevents certain types of information, such as payment card details or login credentials, from being sent over unauthorised channels. If DLP is implemented at the account level, then it also protects mobile users when they’re accessing company-owned email and social media accounts. It can also protect users of online collaboration networks, instant messaging tools and any other cloud-hosted platform.

Cloud-managed security as a driver of innovation

It’s time for business leaders to stop viewing information security as a necessary evil and start to see it as a driver of competitive advantage – an enabler of innovation. Workforce mobility is a key part of that ability to innovate. With business apps and data hosted in the cloud, IT administrators can enjoy centralised management by maintaining full visibility of their digital assets. Instant protection comes with reduced reliance on endpoint security, since all confidential data is kept in a secure data centre rather than being stored on local devices.

One great thing about the cloud? Web-based software is always up to date, and because the world’s major data centres have a seemingly limitless supply of computing resources, it’s also highly scalable. Business leaders no longer have to depend solely on their BYOD policies and device-level endpoint security (though these are still essential layers of protection). They can instead build a centrally managed, software-defined computing environment where adding new users is simply a matter of creating an account, then letting your remote-working employees access everything they need through the web.

Not only is this approach vastly better for information security, but it also reduces – if not entirely negates – the need for remote workers to manually exchange files through email or unsecured file-sharing services.

Your location-agnostic future, without the risk

Workforce mobility shouldn’t be a source of fear. It’s not about losing control. Rather, it’s about decentralising your workforce and giving your team the flexibility to work in the ways that suit them best while delivering enormous value to the whole business. At the same time, modern MDM and endpoint security solutions let you maintain full control over the security and compliance of your digital assets. No matter where your workers are, there’s always a way to keep your corporate data safe.

Watch on-demand webinar: Remote workplace: cyber threats and how to protect from them

To help organisations support employees working from home and understand the security challenges of remote workplaces, Kaspersky experts will share their review of potential cyber threats and how to avoid them.

Suggested articles
Author info

What's coming next?

Be first to find out what's happening in tech, leadership and cybersecurity.