Today’s workforce has undergone a significant transformation. As organizations adopt more flexible work policies to accommodate shifting demographics, we are not far away from a workplace in which the majority of employees are considered “contingent.” According to a recent Intuit report, 40% of the workforce will be “contingent”—self-employed, contractors and temps — by 2020.
More importantly, however, the mobile workforce of today probably includes your typical employee. In fact, over half of the U.S. population can be considered a remote worker. This number is only expected to increase each year.
For most organizations, the definition of a mobile user has expanded dramatically and can almost be anybody in the company. Some may work from home only one day per month, or even if you have a laptop — guess what? You’re a mobile user. If you’re on vacation and bringing a company device along, you’re a mobile user. Think about your organization and try to find an employee who doesn’t meet this current definition. Unless you’re a financial institution that doesn’t allow employees to have a laptop, almost all of your employees can probably be considered a mobile user.
With the rise in both the BYOD-friendly mobile policies and a contingent workforce, there’s a significant strain on data security. For most companies, mobile users present the most significant risk.
Generally speaking, most data breaches can be tied to people, especially those with the least amount of training and oversight.
Read: The Insider Threat Is Real
Not only that, but as we add so many security controls in our organizations that it’s easy to get sloppy. It seems like year after year, there’s more for IT departments to manage and it can be overwhelming. You need to put in practices to filter out the exceptions and determine what’s bubbling up to the top, particularly with the remote workers.
Before we address how mobile workforce risk can be mitigated, there’s one risk that is often overlooked, which not only pertains to the mobile workforce but also in-office employees. It surrounds employee terminations — whether they give notice on their own or are terminated.
Your staff may have access to one or more mobile devices, and as soon as the employee is terminated, you should consider freezing the device so it can’t be used before it’s returned. Even if it gets lost in the mail or the employee refuses to return it for some reason, the device would be unusable and any data on it would be protected.
Read: Avoiding Endpoint Bloat
When it comes to working with mobile users, freelancers, contractors or business partners of any kind, organizations should:
Ultimately, every organization must be prepared for a breach with a data breach response plan and a trained team to handle the incident. This can help both mitigate the breach and its fallout.
We understand that managing a mobile workforce can be overwhelming. But we’ve got you covered if you want to gain a better grasp of the cybersecurity basics around threats, risk and protection. Review our comprehensive cybersecurity 101 guide.