Risk Assessment for Mobile Workers based on Multiple Viewpoints and Portfolio of Risk Countermeasures
In recent years, the government-led “work style reform” has been heavily promoted, and the work style called telework has been attracting attention, particularly since the advent of COVID-19 in early 2020. Telework, which involves mobile workers working outside the office to improve productivity and reduce costs, is becoming mainstream in many companies. However, as workers outside of the office perimeter face increasing daily security threats, mobile workers present various new risks to enterprises. Mobile workers themselves are also associated with risks due to changes in their working environment, as the increasing external pressures to work more effectively and efficiently can affect their well-being. In this paper, we focus on risk, which is the most important of the various issues facing mobile workers. Specifically, we extracted the current risk factors of mobile workers by using a risk breakdown structure method based on literature and case studies, and then proposed countermeasures for the extracted risk factors using a risk matrix method. We also developed a portfolio of risk measures from the viewpoint of practicality and demonstrated that step-by-step measures are possible. Finally, we evaluated the effectiveness of the proposed risk measures using the risk values. Our findings will help contribute to a safe and secure mobile work environment.
Mitrefinch, Benefits of Mobile workforce; https://mitrefinch.com/blog/10-benefits-of-a-mobile-workforce.
G. Luk, Global Mobile Workforce Forecast Update 2016-2022; https://www.strategyanalytics.com/strategy-analytics/news/strategy-analytics-press-releases/2016/11/09/the-global-mobile-workforce-is-set-to-increase-to-1.87-billion-people-in-2022-accounting-for-42.5-of-theglobal-workforce.
S. Tanimoto, et al., “Concept Proposal of Multi-layer Defense Security Countermeasures Based on Dynamic Reconfiguration Multi-Perimeter Lines,” NBiS-2019 (ADPNA2019), AISC 1036, pp. 413–422.
S. Makinen, Mobile work and its challenges to personal and collective information management, http://informationr.net/ir/17-3/paper522.html#all2004.
iPass, 2018 Mobile Security Report, https://www.ipass.com/wp-content/uploads/2018/03/iPass-Mobile-Security-Report-2018.pdf.
Helpnetsecurity, Apricorn; https://www.helpnetsecurity.com/2018/06/15/securing-mobileworkers.
Cisco System, Understanding Remote Worker Security: A Survey of User Awareness vs. Behavior; https://www.cisco.com/c/dam/global/en_ca/assets/pdf/Understanding_Remote_Worker_Security_A_survery_of_User_Awareness_vs_Behaviour.pdf.
S. Shagvaliyeva and R. Yazdanifard, Impact of Flexible Working Hours on Work-Life Balance, American Journal of Industrial and Business Management, Vol. 4 No. 1, pp. 20-23.
Boswell, W., & Olson-Buchanan, J., The Use of Communication Technologies After Hours: The Role of Work Attitudes and Work-Life Conflict, Journal of Management, 33(4), pp.592-610, 2007.
J. Mulki, et al., Set up remote workers to thrive, MIT Sloan Management, pp.63-69, 2009 https://www.researchgate.net/profile/Felicia_Lassk/publication/264844669_Set_Up_Remote_Workers_to_Thrive/links/542ec3900cf29bbc126f5601.pdf.
Project Management Institute, A guide to the project management body of knowledge PMBOK Guide, Sixth Edition.
T. Dechen, et al., A Preliminary Study of Risk Assessment of Mobile Workers for Improvement of Work-Life Balance, The 10th International Workshop on Networking, Computing, Systems, and Software (NCSS-10), 196, 2019
T. Dechen, et al., Risk Management of Mobile Workers based on Multiple Viewpoints, 9th International Congress on Advanced Applied Informatics (AAI2020), pp.649-654, 2020.
Cox's risk matrix theorem and its implications for project risk management, [Online]. Available from: http://eight2late.wordpress.com/2009/07/01/cox%E2%80%99s-risk-matrix-theorem-and-itsimplications-for-project-risk-management/
S. Tanimoto, M. Hiramoto, M. Iwashita, H. Sato, and A. Kanai, Risk Management on the Security Problem in Cloud Computing, IEEE/ACIS CNSI 2011, Korea.
ISMS Risk Assessment Manual v1.4, [Online]. Available from: https://www.igt.hscic.gov.uk/KnowledgeBaseNew/ISMS%20Risk%20Assessment%20Manual%20v1.4.pdf, 2015.1.4.
S. Tanimoto, et al., “A Study of Risk Assessment Quantification in Cloud Computing,” 8th International Workshop on Advanced Distributed and Parallel Network Applications (ADPNA-2014), pp. 426-431, Sep. 2014.
S. Tanimoto, et al., Risk Assessment Quantification of Ambient Service, ICDS 2015: The Ninth International Conference on Digital Society, pp. 70-75, Lisbon, Feb. 2015.
J.Wiik, et al., Effectiveness of Proactive CSIRT Services, In 18th Annual FIRST Conference on Computer Security Incident Handling, 2006
Y. Kenmoku, et al., A Study of Assurance Level in Information Security Management - LoA Introducing Method for CSIRT Deployment -, 6th International Conference on Project Management (ProMAC 2012), 2012