People

Protecting Employees and Company Data in a Remote Work World

iStorage CEO, John Michael, argues that management of remote and hybrid workers, whether for security or ensuring proper work/life balance, doesn’t need to be heavy-handed if the correct tools are in place

iStorage

The increased flexibility of the modern office has proven popular for employees and employers alike. Workers are feeling the benefits: 78% of a surveyed 28,000 full-time employees say remote and hybrid work improves their overall wellbeing, and 82% find it has made them happier. For employers, statistics show that allowing remote work can result in a more effective workforce. It reduces burnout and increases engagement; a 2018 survey indicated that 67% of workers had experienced burnout, while a post-pandemic survey in 2022, taking flexible working into account, suggests rates are now closer to 30%.

Such figures are proof that remote and hybrid working is in demand and, in some form, here to stay – but they may be contrary to many management assumptions about the effectiveness of remote work, and they certainly downplay the difficulty of administering a distributed workforce.

Allowing hybrid workers absolute free reign over their choice of hardware, software, or working location isn’t an option, because tight security controls are vital to keep data safe. But putting appropriate controls in place to protect the company data which remote employees carry isn’t as difficult as it may seem. And with a mix of compassionate policymaking and computer hardware, which can be remotely and securely administered, employees can enjoy the benefits of remote work without causing a security risk.

Location-Based Access Control

Those offered the relative freedom of remote work may take an over-relaxed approach to their working locations, hours, or practices. While that flexibility is core to remote and hybrid work, it presents certain dangers. The Information Commissioner’s Office received reports of over 1,000 data breaches related to unauthorised access of data in 2022, and almost 600 incidents of data or paperwork being left in an insecure location. Employees taking their work to coffee shops, working on public transport, or otherwise working away from the office are more vulnerable to such breaches.

Secure, managed hardware goes some way to preventing any accidental breach. A secure drive may be able to lock itself based on a user’s proximity to their computer – should the drive’s owner step away, the drive’s contents would be rendered inaccessible. If strict policies demand that remote employees work only from a pre-approved locale, secure storage can also be geofenced. A geofence restricts use of a device based on its GPS coordinates – the fence can cover regions as large as continents or as small as a few metres. Outside of those areas, such a device would not be accessible.

Secure Data Storage With Remote Management Functionality

The key to functions like these is cryptographic security. The contents of a sufficiently secure drive are obscured by encryption until that drive is unlocked – and, indeed, even if plugged into a USB port, the drive would not appear to be connected until a secure authentication process has been completed. Even if the encrypted storage were able to be accessed, AES 256-bit Hardware encryption protects data against the possibility that the data could ever be read, copied, or shared.

Online authentication is useful for more than just security. It also means access to the device can be remotely administered at the time of unlocking. This means that policy changes are automatically applied to a drive upon its use, no matter what machine it is connected to. If a geofence moves, or an employee’s access restrictions change, these alterations do not require physical access to any remote hardware.

Aiding Digital Disconnection With Hardware Policies

Sometimes management of remote employees is not only about where they work, but when. Remote workers, and even in-office employees, can experience an unhealthy creep towards the work side of work/life balance. Digital connectivity can be an addiction; even in France, where ‘Right to disconnect’ legislation passed in 2017 aimed to protect workers from out-of-hours work, the easy availability of digital tools means many employees continue to feel compelled to remain connected and available outside of their working hours.

However, those companies in France which have actively developed strong internal policies in line with the legislation have been able to demonstrate significantly reduced out-of-hours engagement. A culture focused on wellbeing and reasonable expectations is key – but using secure hardware to implement more direct controls can also have a positive effect.

Set a time limit, for example, and the unlocking procedure will be prevented outside of agreed hours, reducing the chance of employees engaging in so called ‘grey work’ – out-of-hours work beyond one’s prescribed responsibilities. If such a limit needs to change, simple back-end software can alter it on a user-by-user basis, or a temporary lifting of restrictions could be applied. Each unlock also feeds back to the drive’s remote administration software, revealing an audit trail of activities which can help identify workers who regularly engage in grey work.

Remote Data Erasure for Extra Security

Remote administration also goes some way to helping protect the integrity of sensitive data if a drive is lost – or once an employee reaches the end of their tenure. Just as policies, geofences or time restrictions can be altered by an administrator without a drive being attached, so can its data: specifically, a secure drive could, if required, be set to be wiped at the moment an unlock attempt (successful or not) is made, or after a certain number of failed unlock attempts. Remote workers need not, then, even visit the office to have their secure devices offboarded – if a drive is not returned, or falls into the wrong hands, its contents are secured against a breach. The hardware itself is all that is lost.

Whatever level of control a company wishes to have over its remote employees, whatever policies exist to support efficient work and wellbeing, an investment in the right secure hardware today means tomorrow’s remote work policies are ready to follow. Select hardware which is also backed by clear and straightforward administration software, and the prospect of safer data is easier to achieve.

Learn more about remotely managed data security:

https://istorage-uk.com/product/datashur-bt-rmc/


John Michael, CEO, iStorage

After constantly reading about increasing data loss incidents, iStorage CEO and Founder, John Michael, saw this was clearly a growing problem with damaging consequences and identified a huge gap in the market to establish a business offering ultra-secure, easy-to-use and affordable data storage devices. Applying his 35 years’ worth of knowledge and experience within the data storage space enabled John to come up with ideas for products that would resolve such problems.

About iStorage

iStorage is the trusted global leader of award-winning, PIN authenticated, hardware encrypted portable data storage & cloud encryption solutions. iStorage offers the most innovative range of products to securely encrypt, store and protect data to military standards; safeguarding valuable and sensitive data to ensure compliance with stringent regulations and directives such as GDPR, HIPAA, SOX, NRC, GLB and DHS Initiatives. Today, iStorage products are used by government, military, multinational corporations as well as consumers in over 50 countries, with the mantra that encryption is an essential commodity required by all. Learn more at https://istorage-uk.com