With the rapid growth in home working, paper documents and digital data are moving in and out of the workplace at an ever-increasing speed, generating some significant information security challenges.
New research from storage and information management company, Iron Mountain, suggests that many employers are failing to provide the support and guidance required to protect their information when employees work from home.
The research reveals that close to two thirds of employees in Europe now work from home for all or part of their time. However, just 18% of firms provide employees guidance on what paper records and electronic data can or cannot be taken out of the office, and only 17% have a formal policy to govern home working.
Getting the IT infrastructure right is a problem for many, with 60% of employers not providing appropriate IT equipment and 67% not providing secure company intranet access. Close to one in four provide nothing at all for home workers.
Many employers are permitting behaviour that could put their information at risk. This includes using personal email accounts to send and receive work documents (50%), leaving documents lying around the house (29%), and disposing of work-related documents in the household bin (19%).
Around one in 10 work from a coffee shop, or use an unsecured Wi-Fi network to send and receive work documents (7%). Each of these behaviours leaves information vulnerable to attack or exposure. A resulting data breach could have far-reaching consequences for the business.
Commenting on the study, Christian Toon, risk and security, Iron Mountain said: "Firms are allowing their most precious business asset – their information – to leave the workplace for a non-secure environment. Once out of the office, information management best practices, such as the secure storage and destruction of documents, go out the window.
"It is vital that companies broaden their secure information management processes to account for home offices and remote working. Information security is not all about the IT. Don’t forget the paper: fail to do so and the biggest threat to your information might turn out to be your employee’s rubbish bin."
The Iron Mountain study showed that the prevalence of home working varies between job roles. It is most common among those at Director level and above. A third of marketing employees work from home two-to-four times a week, followed by 21% of IT workers. Those in HR and administrative roles were least likely to work from home.
Iron Mountain advises that firms provide clear and practical policies for home working, identify and communicate which records should never leave a secure environment. Ensure that home working policies outline the responsibilities the employer commits to, such as the provision of the necessary IT equipment and infrastructure, regularly train and retrain employees on company policy and guidelines and ensure employees have all the IT they need and secure access to the corporate network.
