We're rapidly spiralling-in on a scope, purpose and hence title for the next NoticeBored security awareness and training module, currently trundling its way along the production conveyor belt at IsecT HQ.
Inspired by a customer request to cover the security aspects of 'home working', we set out to complement the BYOD and business continuity topics ... but in exploring the associated information risks and controls, we've realized that there are other ways and means of working with similar issues.
Mobile or portable working, for example, is almost the rule for managers and professionals these days, at least to the extent of being constantly in touch by cellphone, keeping up with emails and TXT messages, and using work apps on smartphones, laptops and tablet PCs. Commuters on public transport often seem totally absorbed by their screens and ear-buds, whether that's personal or work emails, podcasts, news from the city desk, Harry Potter, Game of Thrones, Bach or BoyZone we don't know.
Just as 'the office' has evolved from classrooms laid out with rank-and-file desks sporting noisy typewriters and ashtrays, to separate rooms with closed doors, through Dilbert cubicles (with partitions but without doors), to open-plan spaces, stand-up meetings, table-football, basketball hoops and flame-grilled hot-desking, so too 'the home office' has changed over time.
Back in the 80's all-in-one beige plastic monsters such as IBM PCs and DEC VAXmates were all over the business ads, while home computers of the time looked more like unfinished industrial machines with plenty of blinkenlights and mysterious switches to catch the hobbyist's beady eye. Adverts focused on the 'powerful machine' rather than 'the workstation', 'desk' or 'office'. We had duplicators, pagers, PDAs and luggables, facsimile machines, and those first generation mobile telephones that needed their own motorized carts for the battery packs.
Do you recall when 'workstation furniture' became a thing - weird multilevel desks on caster wheels with cutouts for keyboards and cables, and plenty of depth for big heavy CRT monitors, leaving precious little leg-room for the unfortunate user. For a while, executive home offices were advertised by suited, bossy gentlemen (almost always) in high-back puffy leather chairs at expansive and expensive mahogany veneer desks the size of tennis courts (well table tennis tables anyway). Then came corner desks, filing cabinets on wheels and home stationery cupboards with roller-shutter fronts to stop the kids pinching daddy's crayons.
Today, given the price of property, the 'home office' is more often a corner of the kitchen workbench or someone's lap. I wouldn't be surprised to learn of people replying to work emails on vertical touchscreens on their fridges and microwaves, all while cooking tea. We don't all have the Oval Office at home.
It has become socially acceptable, almost the norm to hold business meetings in cafes and restaurants, and anyone without a smartphone in easy reach, yakking loudly and laughing into their wireless headset, stands out like a sore thumb-drive.
Entire generations of business travelers have been trained to leap to their feet as the plane lurches to a stop, grabbing their phones and wondering where the Uber will lurk.
Oh and as speaking as a motorcyclist, don't get me going on texting-while-driving. Have you noticed just how many displays there are built-in to cars now, in addition to those clutched by the occupants?
So, that outlines the physical and cultural context we have in mind for the next awareness module. Some of the associated information risks are obvious, others less so, which means quite a variety of controls, plenty to explain and discuss.