5. Wherever possible, secure the environment: While it isn't possible to go to every users' home to deploy an access point, and centrally manage them as one can do in a corporate network with optimised security settings, it is possible to require home office users to implement strong encryption on their home routers.
6. Security begins with education: Unfortunately, many organisations rely on firewalls, intrusion prevention systems, and anti-malware software to protect their networks but ignore the real weak link in the security chain: users. Even large organisations with strong security measures have been brought down by unwitting users who fell for sophisticated social engineering and disclosed login credentials or introduced malware onto the network.
"The '6 ½ consideration' is to have a policy. Although that seems to go without saying, recent research suggests that a lot of organisations have no written policy on personal devices, home offices, or remote access to company networks and assets," said Ong. "Perhaps this should have been #1 - good, well-thought out policies that both IT and employees can live with is a cornerstone of good security."
Sign up for CIO Asia eNewsletters.