Potential solutions: In addition to educating employees on what types of conversations should be taken to a private location, security teams can protect speech privacy by taking the following measures:
- Utilize sound-masking technologies, such as white and pink noise machines, to drown out conversations by surrounding workers.
- Set aside a room for workers to use for phone calls or small group conversations.
- Employ the use of professional instant message systems like Spark to allow employees to quickly touch base on items without verbally disrupting the office.
Increased risk of device and document theft
When companies have an open floor plan environment, there will naturally be a high number of individuals in and out of the space during any given day. While this can benefit collaboration efforts in the organization, it also means a higher number of individuals in the vicinity of devices and documents containing confidential information. When these items go missing, it causes major data security issues. In 2010, Ponemon Institute conducted a study with Intel that looked at the cost of lost or stolen laptops for businesses. We found that while the majority of laptops were lost offsite or in transit/travel, 12 percent were actually lost or stolen in the workplace.
Potential solutions: Security teams should take measures to not only protect against the physical theft of proprietary information but also ensure that if a device is stolen, the damage can be mitigated through additional security measures:
- Mandate that devices as well as bags, briefcases, folders or any other holder for confidential documents should not be left unattended for any reason.
- Equip office spaces with secure drawers or other storage areas where confidential documents or devices can be placed.
- Provide laptop security cable locks at workspaces.
- Furnish all devices with access to company information with anti-theft features like data encryption and remote wipe.
- Install cameras to monitor the open workroom to help hold workers accountable and in the worst-case scenario, identify any workers or vendors that may be removing devices or documents from a workspace.
In the age of the open office floor plan, company policies and procedures should define what information can be accessed where and when and help to safeguard from these new threats to data security that come along with the trend. Creating an ongoing communication and education plan for employees highlighting the potential data security risks associated with the open floor plan can serve to keep the topic top of mind. Coupling these with physical controls and software can help maintain a protected office environment. Particularly in larger companies, workers could find themselves completing tasks alongside different individuals on a daily basis and it is up to the data security teams to ensure that confidential and sensitive information remains secure in this new environment.
Sign up for CIO Asia eNewsletters.