A recent study commissioned by Fiberlink Communications showed the usual results that most studies on telecommuting tend to show - increased productivity, transportation costs lowered, and better work-life balance for employees.  But one aspect of the study caught my eye in particular:

Remote workers admit to risky online behavior and insecure data practices with 24 percent altering security settings and 23 percent delaying security updates on devices. Even more, 43 percent, have download personal photos and videos and 31 percent cop to downloading software for personal use. About one quarter, 25 percent, admit to clicking on blacklisted or banned Web sites on company devices.
Source: “Employees Like Mobility Despite Extra Work Hours” by Judy Mottl, InternetNews.com

While the remote workers who commit these mistakes are the minority, over 20% for each offense is still an alarming figure - considering that almost every remote worker has sensitive business data in their devices.  It may be easy to point one’s finger at the naughty telecommuter, but studies also show that the businesses themselves are lacking in providing adequate privacy and security measures.

In a survey conducted by the Center for Democracy and Technology, it was concluded that “many organizations today are not effectively managing the risks to personal information presented by the telecommuting workforce.”  The results showed that only half of the 73 organizations surveyed developed telecommuting guidelines for their employees.  If such a big percentage of organizations don’t have these guidelines, then it’s no surprise that these security leaks occur.

In the end, we can’t solely blame the employer nor the employee for poor security risk management.  The truth is, without firm security policies that are discussed between employer and telecommuter, the latter wouldn’t know what the boundaries are.  As for the telecommuters themselves, it’s about following company policy even if no one appears to be watching your back.