Tip 4: Educate employees on the risks of public Wi-Fi networks
Free tools abound to sniff traffic on public Wi-Fi networks. With that in mind, it's important for employees to take precautions when accessing or sending anything sensitive (email, searches, etc.). Mobile workers should always ensure that email is sent and received through an encrypted channel (VPN, webmail over SSL, etc.). For corporate email, this should be the only route possible to receive messages. The reality though is that sometimes policies are circumvented in the name of productivity. One common example is sending corporate documents to personal email accounts so that they are easier to access and work with outside the office. If you accept that work-related activities will be done while not connected through a VPN or on a corporate-sanctioned device, it is important to educate employees about the risks and help them make safer choices.
Tip 5: Enable automatic patching
You've turned on automatic update for Windows and Office, but what about the rest of the software on the system? Attackers are diversifying their strategies for machine infection and it's important to keep up to date with patches on all software. In the past, the risk of automatically applying a bad patch --one that caused the system to malfunction --outweighed the risk of leaving the system unprotected till the patch could be thoroughly tested. For mobile workers, that tradeoff needs to be reevaluated for key applications.
Tip 6: Protect visual privacy
Eventually, sensitive data will likely be displayed on a laptop screen, but are mobile workers taking steps to protect it? With the rise in quality of smart phone cameras, it is now possible for data thieves or competitors to take readable pictures of on-screen data at a distance, which increases the importance of protecting visual privacy. Angling screens away from public view or using computer screen privacy filters can help reduce the risk-- but ultimately working professionals need to be mindful of their environment when accessing information that might be of value to someone else. This is particularly important at conferences or seminars where people in the same industry are likely to be in close proximity.
Tip 7: Beware of social networking information leakage
It's easy to reveal too much information while on the road. The most common mistake employees make is to reveal geo-location information. Mentioning that you're in Bentonville, Arkansas for a meeting might not seem like a big deal but a competitor could easily infer that your company has a budding relationship with Wal-Mart (WMT), one of the very few companies headquartered there. This type of data might be revealed directly--in a status update on Facebook or Twitter --or it may be revealed indirectly based on the tool used to update Facebook, Twitter or LinkedIn.
Sign up for CIO Asia eNewsletters.