Ready, steady telework: information security essentials for the teleworker

Abstract

We operate and live in an environment where data communication is dependent on Internet connectivity which is decentralised in nature and is not possible to regulate. Due to technology advances, organisations have allowed remote access to their data via the Internet which allows employees to perform work activities via teleworking. Employees have embraced this method of working and teleworking has become a norm in a large number of organisations today.

The problem of teleworking arises as employees are accessing company data outside the organization walls; a potential risk to information leakage whether it be deliberate or unintentional. In this paper the risks associated with teleworking is attributed to physical, technical and document management.

To address these risks, Security Education, Training and Awareness (SETA) and information security policies are important. This paper analyses three core information security objectives in context with SETA i.e. Confidentiality, Integrity and Availability.

The SETA campaign has neither a goal nor content without a security policy, likewise a security policy cannot be enforced without awareness by those for which it is intended.