The risk of sensitive data loss or theft can never be completely controlled, however, it can be
greatly minimized through appropriate tools, procedures, and training. If teleworkers use
technology to handle sensitive data, it is important to have these elements in place.
Data loss can be due to the corruption of a single file; a computer virus or malicious malware
attack, such as worms, phishing attacks, rootkits and Trojans; the loss of a flash drive or disk; or
the loss of a laptop (such as during travel).
Data theft can result from a stolen desktop or laptop, a computer being hacked, digital fraud or
misconduct, or even industrial espionage.
If a teleworker's data is lost or stolen, can it be recovered via your organization's backup procedures?
If not, what, if any, implications are there to the organization, its customers and stakeholders? It may
be determined that the risk of sensitive data being lost or stolen is too high for a particular position,
in which case, telework is not a suitable option for that position.
When evaluating the IT requirements of the telework program, it may be useful to seek outside advice
from a security consultant.
|