It’s that time of year again, when many of us (well, those of us in the UK, at least) are enjoying the last few weeks of the summer break, perhaps going on a final getaway before the schools go back, or maybe just a long weekend to take advantage of the last summer bank holiday.
But it’s not as simple as that for many people these days.
Jetting off and forgetting all about work is far less common than it used to be and mobile devices make it all too easy to ‘do a quick email check’, whether from the comfort of a poolside sun lounger or a remote ski slope.
The phenomenon of working on holiday has even been given its own name, the ‘worliday’. As coined by Financial Times journalist Lucy Kellaway, who described a ‘worliday’ as “bit like holiday and a bit like work”.
So how is all this talk of worlidays relevant to a security blog? Surely this is a time when security is the last thing on our minds? Well that’s precisely the point...
Regular readers will be aware that a lot of our focus over the past twelve months has been on changing technologies, attitudes and behaviours in today’s global workplace and their implications for IT security.
Our last phase of ‘WorkLifeWeb’ research in 2010 found that 47% of employees believe web collaboration and social media are changing the way that people work, with 48% of office workers and 71% of managers saying tasks overlap at least twice a week.
This blurring of lines between personal and work tasks presents a new challenge to IT security professionals, made worse by the vastly different behaviours and attitudes human beings tend to adopt in their professional and personal lives. For even the most diligent of workers, when sipping sangria by the pool on holiday your mindset is not the same as when you’re sat in an office surrounded by colleagues, and you might not pay the same care or attention to who or what you are emailing.
Worlidays may sound like a good thing for businesses (after all there’s no denying that 24/7 contact with employees when something goes wrong can be crucial), but from a security perspective it does present challenges. Ultimately, businesses must realise the need to educate employees, encouraging them to take their role in securing sensitive data and information seriously. By highlighting the potential risks and also the individual responsibilities, people can make an educated decision as to whether or not it’s safe to send that password in an attachment on an unsecure network as they relax in the sun.
By Nick Peart
No comments:
Post a Comment