I woke up this morning to find an email from my VP recommending an article he’d recently read about the 5 common remote work misconceptions. Fifth on the list is “Security Will Be Weakened”. This is a concern that I encounter as well when talking to my customers about moving towards a virtual work environment. The article does say that the concern is unfounded but, doesn’t give a lot of specifics.
In many ways it is a misconception that security is weakened when moving to a work at home program. Bad employees will try to do bad things no matter where they work. With VM Ware and Citrix offering virtualization solutions for storage, application delivery and the desk top security becomes a little easier. Screen shots, printing information of the device and downloading critical documents can all be prevented.
PCI Compliance and HIPAA Compliance are also a concern. I believe the right network solution can go a long way towards solving that issue. For example The 12 requirements below are the foundation of the PCI DSS:
- Requirement 1: Install and maintain a firewall configuration to protect card holder data
- Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
- Requirement 3: Protect stored card holder data
- Requirement 4: Encrypt transmission of card holder data across open, public networks
- Requirement 5: Use and regularly update anti-virus software
- Requirement 6: Develop and maintain secure systems and applications
- Requirement 7: Restrict access to card holder data by business need-to-know
- Requirement 8: Assign a unique ID to each person with computer access
- Requirement 9: Restrict physical access to card holder data
- Requirement 10: Track and monitor all access to network resources and card holder data
- Requirement 11: Regularly test security systems and processes
- Requirement 12: maintain a policy that addresses information security
The right network solution – One without a lot of “fail” points can be a part of the requirements to restrict physical access to card holder data and, track and monitor all access to network resources and card holder data.
Keep on the lookout for more information about PCI and HIPAA Compliance in the months to come.
In the meantime enjoy the article. The link is below.
Something else you may want to look at are the a couple of briefings the article links to. One is on the Future of Work Platforms and another focuses on The Future of Work Places. There’s an annual charge to receive these briefings on a regular basis but there’s also a seven-day free trial. The content looked interesting.