Remote Workers Put Enterprise Data at Security Risk
Symantec report finds that remote workers' surfing habits put corporate data at risk unless proper usage rules are defined and enforced.
Remote workers are more likely to try their luck and visit dangerous sites while surfing the Internet, according to security software vendor Symantec's most recent malware report, but surprisingly office-bound workers are more frequently denied access to explicit sites.
The findings suggest that enterprises have plenty to do in terms of setting and enforcing usage policies to prevent workers from visiting sites that are either illegal, unprofessional or, more commonly, riddled with malware.
The study found that 35 percent of all workers are more likely to trigger a website block, based on whatever corporate usage policies are already in place, when they're on the road or working remotely.
More surprising, perhaps, is the discovery that remote workers accessing web-based malware accounted for only 1 in 1,807 website traffic blocks compared to 1 in 322 blockages for office-based workers. In other words, while remote workers and those accessing the Internet while traveling are more prone to take risks to access questionable content, they're apparently savvy enough to dodge malicious sites -- and the resulting blocks -- much more successfully than their cubicle-bound colleagues.
Symantec's (NASDAQ: SYMC) MessageLabs researchers found that blocks for downloads of all types were more than five times more likely to be triggered by remote workers, a sign that either remote workers like to venture to far-flung places that their companies would prefer they not travel to or that the companies' usage rules are far too stringent and automatically block access to sites that may or may not be safe and suitable for their professional endeavors.
Drilling a bit deeper, the study found that shopping, search queries, personals and dating categories are more frequently blocked for workers outside the office than for those who are inside the office.
"In general, more policy blocks overall are triggered by workers when they are out of the office, indicating rather intuitively that users are more compliant with usage policies when in the office," Paul Wood, a MessageLabs senior analyst, said in the report.
Regardless of the usage policies established or the ferocity of the security applications used by companies, hackers have become much more accomplished at hoodwinking people into divulging personal information and infiltrating enterprise data networks.
Earlier this month, the "Here You Have" virus tricked thousands of people into clicking on a malicious link promising porn, but instead infecting PCs and mobile devices and clogging corporate email servers around the world.
In fact, the ratio of email-borne viruses like "Here You Have" represented 1 in 218.7 emails in September, up about one percent from August. In September, 7.6 percent of email-borne malware contained links to malicious websites, a decrease of 13.6 percentage points since August.
Follow eSecurityPlanet on Twitter @eSecurityP.
September 22, 2010
Data loss events are continuing at a "fairly alarming rate" according to Keith Crosley of cloud-focused security firm Proofpoint, which recently released its seventh annual study of data loss in the enterprise.