“We try to drive remote users to a virtualization
platform rather than giving them virtual private
network access and allowing them to install the
application on their local machine.”
One of the biggest risks is retained data that is left behind because a person either inadvertently downloads something or puts it on a personal device. With policies, procedures, and education, you can train people to be more aware of their environment and the device they’re using. You can educate them to clean up potential residual data.
You can also use technical controls to limit this risk. For instance, we use as many technical controls as we can to limit what people are allowed to print or share. For remote workers, if someone’s work requires that he or she print something as a part of day-to-day activities, controls force that user to go
through a more strenuous request process with the director to determine whether it is appropriate to do that kind of work at home.
Also, we try to drive remote users to a virtualization platform rather than giving them virtual private network access and allowing them to install the application on their local machine. Mobile devices have changed the way people work. We have mobile device management tools that allow us to remotely wipe mobile devices, if necessary. We can also use data-minimization strategies that limit data access to what is needed for the immediate tasks, and then wipe that data when the tasks are complete.