Introduction
Lacking security policies is one of the most common sources of information leaks, increased chances for cyberattacks, and misconduct related to remote workers. Curran (2020) states that “many organizations are now more vulnerable to security threats than ever before” due to the complexity of infrastructure and equipment (p. 11). Remote workers add a significant share of workload to the tasks related to cybersecurity, partially due to the usage of third-party software, personal devices that are not business-oriented, and other organizational issues (Curran, 2020). This paper summarizes the research article “Infrastructure for an IT security policy: Remote workers” by extracting the essential topics and analyzing their importance.
Purpose of the Paper and Data Gathering Method
The purpose of the research paper is to analyze the security policy for remote workers in Dubai, define its requirements and methods of protection, and give recommendations regarding the existing security holes. It concerns both physical and digital information containers that pose threats to the company’s private data. The paper was created by using the current data points from different data sources related to the security policy in general and those explicitly dedicated to the issues with remote workers.
Discussion
The discussion part of the paper reviews the current safety security policies within Dubai. The paper’s primary topic is digital security, however, it also discusses the threats of handling private physical documents outside of the company’s office bounds. Safety security policies aim not to enforce compliance but to show an optimal way to prevent and combat security threats by applying a comprehensive set of rules when dealing with sensitive information (Walker, 2019). The first part of the discussion is related to the software requirements that are imposed by the government of Dubai, which require the usage of licensed software only. By using inappropriately licensed or unlicensed software, remote workers put their company at the risk of being targeted by malware and hackers (Sarginson, 2020). The paper discusses the way to raise compliance with this regulation within the company by updating the security policy and hiring a specialist who can assist with this issue.
The next parts of the central section discuss the safety of using a Wi-Fi network and personal devices as a medium between a remote worker and the company’s private servers. The paper ushers the addition of additional network protection to monitor and manage data transfer. According to Sarginson (2020), “many employees are working on less secure devices while at home, and on less secure networks than usual” (p. 10). Moreover, remote workers need to install and run additional protection software, such as firewalls and antiviruses, to ensure the safety of data.
The article also discusses a potential threat from direct physical access to the devices used for business purposes or the transfer of private data via paper or screen. Remote workers within Dubai require additional protection, and the companies need to increase their attention to remote operations. In the end, the paper lists what repercussions can be applied to the company and its workers for violating the security policies of Dubai.
Summary of Findings
Findings suggest that while the existing security policies do prevent some threats, numerous changes are necessary for the security policy of Dubai companies to become safer and more comfortable to implement and use. A detailed examination of each system has revealed weak spots that can be improved. It is essential to bring government policy guidelines to a higher level of comprehensibility, coverage, and application. Remote workers are a vital part of the structure of modern businesses, and the increased amount of cyberattacks shows the need for additional research and development on this topic.
The research paper emphasizes a sudden increase of remote workers in most companies due to the COVID-19 pandemic. Malecki (2020) states that “cybercriminals are exploiting the Covid-19 pandemic by launching ransomware attacks on unprepared, unprotected businesses” (p. 11). This recently emerged issue shows that malware attacks are a common and highly dangerous aspect of remote access. The paper concludes that the companies of Dubai need to update these regulations in order to decrease the number of security breaches.
Recommendations
The paper contains a set of recommendations regarding the necessary improvements to the system. It emphasizes the need for enforced software licensing as it is a highly efficient and optimal way of regulation (Walker, 2019). The second crucial point is that the company’s employees must be educated about security threats and know security policies related to their field of work. Malecki (2020) states that “when properly educated and well prepared, employees can prove a crucial weapon in the fight against ransomware” (p. 11). Companies also need to regulate the ability of remote workers to connect to business-related computers and servers, and necessary restrictions must apply to the availability of private data from remote access. Former or current employees who have this type of permit can commit violations or serve as an involuntary access point for a cyberattack (Dokuchaev et al., 2020). It is also crucial for the company to have an IT security specialist to manage and upgrade the system and advice on policymaking.
The Role of the Highlighted Text
The selected part of the paper describes several crucial elements in the security policy and the way these points must be addressed within the setting. It shows the importance of synchronization of remote workplaces with the company’s internal network, as well as the need for additional protection of channels through which remote workers connect to said network. Moreover, it describes the concerns regarding potential security threats that arise from handling the company’s private documents outside of the company’s offices.
The highlighted text expands the findings of the research paper and covers multiple security threats related to remote workers. The first part depicts how the synchronization of date and time affects the company. The second and third parts describe and expand readers’ knowledge of remote access to the business network, what threats can arise from inappropriate handling of this system, and how to avoid them. The final portion of the highlighted text refers to physical security holes that might occur in a remote workplace.
This part bears the utmost importance since non-compliance with the security policy regarding the listed points can cause a significant loss. Remote access threats are one of the most common holes in information systems (Dokuchaev et al., 2020). For example, private network traffic can be illegally accessed via malware or spoofing, it can be used to gain access and passwords to the system, and false data can be injected into the network packets (Dokuchaev et al., 2020). Therefore, the highlighted section is a crucial part of the paper, as its purpose is directly related to the topic and aims to inform businesses about these security holes and to prevent these issues from occurring.
References
Curran, K. Cyber security and the remote workforce. Computer Fraud & Security, 2020(6), 11-12. Web.
Dokuchaev, V., Maklachkova, V., & Statev, V. (2020). Classification of personal data security threats in information systems. T-Comm, 14(1), 56-60. Web.
Malecki, F. Overcoming the security risks of remote working. Computer Fraud & Security, 2020(7), 10-12. Web.
Sarginson, N. Securing your remote workforce against new phishing attacks. Computer Fraud & Security, 2020(9), 9-12. Web.
Walker, C. K. (2019). Digital regulation: A new frontier for public service delivery, surveillance and compliance. The Palgrave Handbook of the Public Servant, 1-17. Web.