The Telecommuter Manifesto

When most of us hear the term data security, we naturally think about our computer.  While that is certainly an important part of data security, there are some other aspects of particular importance to telecommuters.

The first is the fact that you are probably generating physical data in the form of printouts, hand written notes, or whiteboard drawings.  While these items remain relatively safe in the office, they pose a greater risk at home.  If you were to inadvertently leave a proprietary document in the office, there would be limited damage potential.

From a corporate espionage perspective, a telecommuter’s home is a much softer target than a corporate office.  Not only does physical security tend to be much lighter, a thwarted theft attempt at a home doesn’t necessarily cast suspicion on business competitors, where a corporate break in certainly does.

Telecommuters may be more lax about discarding proprietary data, but they really should be more diligent.  I recommend that everyone invest in a high capacity, and high quality shredder to destroy all company information before recycling or placing in the trash.  You should have a shredder for personal use to help prevent identity theft anyway, so you can just add company docs to your shred pile.  Some companies will even provide shredders to telecommuting employees to inspire them to practice strict data security habits.

Your home network is another area where data security goes beyond your computer.  If you have a work issued computer and connect to the corporate network directly through a VPN, then security isn’t much worse off than in the office, though there are more places where a breach could occur.  In reality, many telecommuters work in a much more compromised way.  They may either commingle work and personal files on a home computer, use a home computer for work purposes, or have a more complicated home network that includes weakly protected access points.  Few companies have unsecured wireless access to their corporate networks, but far too many home networks have unsecured wireless access.  If a company computer, or home computer with company files is weakly protected the possibility of proprietary data being compromised is considerably higher.

Companies can help their telecommuters by providing shredders and physical data security training as well as IT support for configuring a secure network environment.  A site-survey by IT (or a discussion with the telecommuter to ascertain their data security aptitude) is certainly appropriate.  Without proper precautions, the many corporate benefits of allowing telecommuting could quickly be eclipsed by the damage caused by a breach in data security at a telecommuter’s home.