CIO Jury: But there's no reason why they should…
By Andy McCue
Published: 8 February 2008 14:53 GMT
Careless remote and home-working staff are opening up corporate IT networks to an increased risk of damaging security breaches.
A survey by Cisco this week found a lack of discipline and vigilance among home workers on the internet - from hi-jacking the neighbour's wi-fi to opening unsafe emails and lending non-employees their work PCs or laptops.
-- Nic Evans, European IT director, Key Equipment Finance
That view of increased security risks is backed by 10 of silicon.com's 12-strong CIO Jury IT user panel, along with silicon.com's new Naked CIO columnist.
Peter Pedersen, CTO of Rank Group, said: "I believe the risks will increasingly force IT departments to implement tougher lockdown and device control."
Wireless from A to Z
Click on the links below to find out more…
A is for Antivirus
B is for Bluetooth
C is for The Cloud
D is for dotMobi
E is for Email
F is for FMC
G is for GPS
H is for HSDPA
I is for i-mode
J is for Japan Air
K is for Korea
L is for LBS
M is for M2M
N is for NFC
O is for Operating systems
P is for Pubs
Q is for QoS
R is for Roaming
S is for Satellite
T is for TV
U is for UMTS
V is for Virgin
W is for WiMax
X is for XDA
Y is for Yucca
Z is for Zigbee
But working from non-office locations is now a fact of life for most businesses and the risks must be mitigated against, according to Nick Masterson-Jones, IT director at Vocalink.
He said: "In response we have brought in a new infrastructure that allows remote access from anywhere but the services all operate within our data centre - the remote access is purely a Citrix window. We can therefore completely control the resources available, including preventing printing, cutting, copying of data and even downloads onto those ubiquitous USB memory sticks."
Ian Auger, IT director for ITN, said backing up employee usage policies with automated enforcement systems can help mitigate the risk.
He said: "We deploy varying levels of remote access from basic Outlook web access to full blown VPN depending on the need. This impacts on the potential risk, ease of accessibility, the amount of support needed to maintain the systems and ultimately the cost."
A lack of training for remote and home working staff is also one of the key risk factors.
Kevin Fitzpatrick, European CIO for Sodexho, said: "Risks increased when we moved away from mainframes and proprietary networks to client devices, but the increased benefits hugely outweigh the downsides. Sensible policies, appropriate security and above all training can sufficiently mitigate."
But others disagree that homeworkers pose a greater security risk than employees in the office.
Nic Evans, European IT director at Key Equipment Finance, said: "With secure VPN and disk encryption there is no reason why technically homeworking should be any less secure than in the office. A few years ago I found tomato ketchup on the keyboard and Chitty Chitty Bang Bang in the DVD drive of a laptop which served as a reminder that you should also have training and strictly enforced usage policies to go with it."
Social networks also pose a security risk, according to Richard Steel, CIO for the London Borough of Newham.
He said: "Increasingly we work in partnerships and share information, and will open up access though social networks - as well as increase home and remote working. Our system's infrastructure designs have to be fit for purpose."
Today's CIO Jury was…
Ian Auger, IT director, ITN
Dominic Cameron, project director of Voice Web, lastminute.com
Nic Evans, European IT director, Key Equipment Finance
Kevin Fitzpatrick, European CIO, Sodexho
Andy Griffiths, head of IT, DVLA
Paul Haley, IT director, University of Aberdeen
John Keeling, director of computer services, John Lewis
Nick Masterson-Jones, IT director, Vocalink
Peter Pedersen, CTO, Rank Group
Jacques Rene, CTO, Ascend
Richard Steel, CIO, London Borough of Newham
David Supple, director of IT, marketing and creative services, Ecotec
Want to be part of silicon.com's CIO Jury and have your say on the hot issues for IT departments? If you are a CIO, CTO, IT director or equivalent at a large or small company in the private or public sector and you want to be part of silicon.com's CIO Jury pool, or you know an IT chief who should be, then drop us a line at editorial@silicon.com
I think this report highlights what most CIO's alr...
Austin Holdsworth
A worker privileged to work at home who, be it thr...
Chris Goodman
Agenda Setters 2008
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
The silicon.com CIO Jury provides one of the most influential voices in the IT industry, consisting of a fast-growing pool of senior business decision makers from some of the largest, most innovative companies in the UK. Increasingly recognised as both a barometer and catalyst for change within the IT industry the CIO Jury is the place to be if you are a leader rather than a follower.
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Tim Ferguson On a new Voyager, tackling fraud and the intellectual challenge Interview: Nationwide IT director, Peter Stafford
silicon.com Inbox: ID cards U-turn: The end is nigh? "Great news and hopefully the beginning of the end for this crazy ID project"