Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

Can You Contract Malware From Your Contractor?

By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.
Follow ThreatMetrix ThreatMetrix's Most Recent Posts:

Contractors. Remote employees. 1099 self-provisioned employees. Freelancers. Independent agents. Whatever they’re called and whatever category they fall into, they can unintentionally, to coin a cliché, be biting the hand that feeds them.

Is “to coin a cliche” a cliche’?

The point is that probably the majority of companies in today’s economy rely on people, who are not employees and often work offsite, to help build their product or create their service. Just a partial list of occupations would include software developers, insurance and real estate agents, PR agencies, contract Webmasters – even temporary staffing services. And, every outside source a company uses that has access to its network is capable of inadvertently introducing malware. In the wrong hands, and it wouldn’t be called malware unless it were in the wrong hands, malware could reveal personal customer information such as Social Security numbers and passwords, the company’s proprietary intellectual property and other confidential information such as product road maps and rollouts.

And what happens when contractors are “left to their own devices.” Literally. How does a company authenticate contractors’ devices to ensure they’re not infected?

A recent article in Computer Business Review, talks about this latest cultural debate in the workplace revolving around BYOD (Bring Your Own Device).

“For some time now IT managers and IT decision-makers have come under increasing pressure to enable the use of personal devices in the work environment. In just a short period of time ‘bring your own device’ has become common business parlance. But for businesses, simply allowing access of personal devices isn’t the answer. To ensure success it’s a question of enabling relevant, secure access across the entire network, while protecting corporate assets and delivering an optimal user experience.

“In the end, it’s about creating a user-focused network that supports the next-generation mobility experience. People feel comfortable with and, want to use their own personal device at work.”

Ian Foddering, CTO of Cisco U.K. & Ireland says Cisco has been all for both contractors and internal employees using their own devices. “At Cisco we have encouraged and applied a BYOD policy since 2009. Giving employees the freedom to use their personal devices (tablets, smartphones etc.) alongside their work devices harnesses the power of accessing information whenever and wherever they want.”

Noting that the workplace has changed appreciably in recent years, Foddering observes, “The traditional stereotype of the nine-to-five office job is no longer relevant in today’s business environment. Adopting mobile technology means employers can offer employees a better work-life balance beyond the traditional nine-to-five culture [so] we are seeing a shift from the workplace to a workspace.

“From CIOs downwards, flexible working hours are hugely appealing to a lot of employees. It’s also important in driving a strong inclusion and diversity culture, attracting and retaining a broad demographic of staff.

“Now, your work extends beyond your desk and PC. [A]ttitudes towards information access, mobile devices and social media have put pressure on businesses to adopt new technologies and improve IT infrastructure.”

By ThreatMetrix Posted