Cybercrime , Fraud Management & Cybercrime , Governance & Risk Management

Balancing Employee Privacy and Security for Remote Workers

Heidi Shey of Forrester on Adopting a Two-Pronged Approach
Heidi Shey, principal analyst, Forrester

The increasingly connected home is a vulnerable part of the extended enterprise, especially as the line further blurs between personal life and work, says Forrester principal analyst Heidi Shey. She encourages organizations to adopt a two-pronged approach to protecting the "work from home" workforce - a combination of controlling what they can via Zero Trust and empowering employees to look after their own personal security and privacy.

Shey says organizations need to harden corporate device security as well as the applications employees use for work. They should consider application virtualization or app containers, she says, because they provide protection and also make a device less appealing to criminals.

She also recommends monitoring access control to corporate data resources. "How are you applying least privilege? How are you reviewing entitlements and looking at data access activity," she asks.

See Also: How to Build Your Cyber Recovery Playbook

With regards to empowering employees to protect themselves, Shey says: "It's about really knowing your workforce, their attitudes towards security and privacy, and how far they may be willing to do things themselves."

In a video interview with Information Security Media Group, Shey discusses:

  • The vulnerabilities and privacy concerns that have surfaced after nearly two years of remote working;
  • How organizations can address "work from home" security and privacy concerns by controlling what they can via Zero Trust and empowering employees to protect themselves;
  • How the market for consumer security and privacy technologies is evolving.

Shey is a principal analyst at Forrester serving security and risk professionals. Her research primarily focuses on data security and privacy strategy, skills development, policies and related technology controls. She guides clients in applying a Zero Trust, data-centric approach to securing data, advising them in areas such as sensitive data discovery and classification, data loss prevention and secure communications. Her research coverage includes breach costs, e-discovery, cyber insurance and customer-facing breach notification and response. She also covers consumer security and SMB security market trends.

About the Author

Anna Delaney

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.