TELEWORKING has been hailed as the next revolution, and its promised benefits of increased productivity, cost reduction and increased work-life balance for employees are pushing mobile workforce enablement to become one of the top priorities for CIOs.

However, as the boundaries between work and home become increasingly blurred, companies are realising that distributed assets are more difficult to protect.

Gartner estimates that Asian employees will spend almost three billion hours teleworking yearly from 2008. Teleworking has become the de facto way of doing business and a source of competitive advantage.

The desire to cultivate a mobile workforce has appealed to many businesses due to the increased productivity and flexibility. However, mobility is proving to be a growing challenge for IT managers looking to secure access to business applications, especially with the increase in take up of mobile devices. Once a device is beyond the corporate firewall, how should companies manage and protect their information? In the Pacific Access Survey of 199 IT professionals conducted by Citrix across Asean, security concerns emerged as the most significant technical problem to mobile data and application delivery for the organisation.

As employees and businesses become increasingly mobile, companies need to look beyond traditional methods of securing network access to company resources and respond by re-looking their IT perimeters.

• Insurance for your data: provide a secure channel for communication Companies need to provide a secure channel for employees to access applications over the network, whether it is over wireless or managed network infrastructure. A secure channel is 'critically important'. Controlling, protecting and retaining intellectual property centrally can dramatically reduce the chance for data loss and theft. Companies should consider application delivery systems that ensure the best access experience for users, regardless of device or network.

With a secure application architecture, organisations can centralise applications and data in secure data centres, reducing costs of management and support, increasing data security, and ensuring fast, reliable performance.

• Trust your people, conditionally: Apply user/access policies Policies need to be in place to manage user access to applications, and should be implemented across multiple applications in a consistent manner. These could include identity management such as passwords.

Policies are also necessary to control how users access an application. For instance, they can be permitted to access everything they require if they are within a corporate network. If they are accessing the corporate network remotely, they should either be denied access to all applications or provided with access to resources in a virtualised environment.

• Benefit from having another pair of eyes: Ensure visibility of network From an organisation perspective, IT managers need to have strong visibility of what their users are doing on the corporate network. This can be done by deploying an application delivery infrastructure that allows companies to stay on top of potential security problems.

It is important to prevent data from leaving the data centre without the company's explicit permission, supporting regulatory compliance and security objectives.

• People are the biggest problem, not technology With an application delivery infrastructure, companies can enforce strong authentication such as encryption - for all applications with a strong password access policy and bypassing an end-user's direct involvement - thus, reducing any human error.

Consider having an integrated single sign-on and a secure SSL VPN gateway for remote access to enable a 'one password, one path' approach to application and data access, contributing to tighter security for the company.

• The office is everywhere, so don't differentiate between remote and local access As the lines between remote and local access have been blurred, companies should just consider 'access'.

With the mobile workforce adding a multitude of alternate connections and entry points into today's company networks, companies need to recognise and embrace the fact that they need to re-look their application security.

It is also important to enable secure, anytime, anywhere access to role-based desktops and applications, allowing companies to create an environment that truly adapts to their employees.

The writer is area vice-president, Asean, Citrix Systems