Reading time: 4 Minutes
Data breaches and cyberattacks are an increasing threat to businesses, but flexible working offers some surprising advantages to keeping data safe on the move
Has your business been compromised by a data breach? If you answered no, you’re one of the lucky ones. With more than 50 per cent of US businesses experiencing a cyberattack in the past year, for many, a breach is a matter of when, not if.
In the first half of 2017 alone, there were nearly two billion records lost or stolen in data breaches – a 164 per cent increase from the previous six-month period(1). And, according to technology startup Dashlane, these numbers could be even higher. “Nearly 60 per cent of the total breaches include an unknown or unreported number of compromised records,” says the company’s growth marketing manager Eitan Katz.
Data breaches may involve financial information such as credit card or bank details, personal health information, personally identifiable information, trade secrets of corporations or intellectual property. Most data breaches involve overexposed and vulnerable unstructured data – files, documents and sensitive information.
And the financial repercussions of a data breach can be astronomical. In the Ponemon Institute’s most recent Cost of Data Breach Study(2), it puts the global average cost of a data breach at $3.62m. The average cost for each lost or stolen record containing sensitive and conﬁdential information is $141.
Yet many businesses are simply not prepared to cope. A report surveying more than 4,100 organisations(3) found that seven out of 10 were not prepared for a cyberattack or data breach. Only 26 per cent of UK IT professionals believe they have adequate experience in cloud security.
So what can your business do to keep its data safe and secure? James Mitchell, Head of Business Solutions at Regus, has a potentially surprising recommendation: use shared office space. “It might sound counterintuitive but, if you want to keep your company data safe and secure, shared office space is a good place for it,” he says.
Security from the start
So what measures are in place to ensure that a flexible office space is the safest place for your data? “We build security into all of our designs – it’s an essential consideration that has to be baked in from the very beginning. We do this for everything from the data network infrastructure at the bottom right up to our business applications to make sure that they’re all safe and secure,” explains Mitchell. “We only use the leading technology and work with specialist partners to help us do it right. But security not tested is not secure at all so we engage external auditors to check compliance and run regular anonymous security tests to prove the steps we take are working.”
While you might expect flexible office space to be less secure because the facilities are shared, the opposite can be true. “At Regus, we are very careful to segregate all of our customer connections,” says Mitchell. “We use our network firewalls to create virtual private networks. Those networks make sure that customers can’t cross over and access other customers’ networks. Everyone’s data is isolated from everyone else.”
James Mitchell, Head of Business Solutions at Regus
Know your privacy policies
With the General Data Protection Regulation (GDPR) in effect since May this year, it’s also important to ensure you’re meeting the regulation’s strict requirements – or face significant financial and reputational damage.
For businesses using flexible office space, this is particularly important. After all, you don’t want to leave confidential customer information on the shared printer, or have your client list fall into the wrong hands. “When it comes to customer data, Regus doesn’t hang on to anything that’s not needed,” says Mitchell. “For example, our printers and photocopiers are set to automatically delete the print jobs that get sent there once you’re finished, so your confidential document isn’t stored on the printer.”
Like many companies, Regus has changed its data retention policy following GDPR. “It took a lot of work to make sure we met the legal requirements in Europe but we think that applying the guiding principles in GDPR will help provide great protection for our clients all over the world,” explains Mitchell.
Don’t forget physical security
One of your key concerns when it comes to data security and shared office space may be rather more low-tech than some of the issues outlined above. In an independent experiment conducted by 3M and the Visual Privacy Advisory Council, an undercover ‘white hat’ hacker was able to obtain sensitive information purely by shoulder-surfing (looking at someone’s screen) in 88 per cent of trials(4).
To protect against this, Regus is in the process of rolling out new electronic locks to all new centres as standard. While previously, the centre teams would physically change the locks on the office once a client moved out, now customers will be able to access their offices and meeting rooms by using smartphones. “Electronic locks give us a better way to control what used to be a very manual process,” says Mitchell.
“This not only gives customers control of their own space, but it also tracks every use of the room and provides an event log for each office available to the customer via an app,” Mitchell adds. “If someone opens the room or tries to tamper with it, that will be recorded.”
The hardware to support this has already been installed in 280 centres, totalling nearly 15,000 phone-controlled locks. Up to five centres a week are currently being fitted or retro-fitted with the technology.
“Our ambition is for our customers to feel that Regus offers a more secure workspace for them than they could provide for themselves,” says Mitchell. “A few years ago, we had a client asking if they could put a metal cage around one of their offices. With everything we can do now, I think they’d feel right at home.”