Work from home security: Securing remote teams

• Author:
• Author name

  Quantumrun Foresight
• September 21, 2022

Insight summary

The shift to remote work brings new challenges in protecting data and systems, as employees work outside the secure corporate network. Companies are investing in stronger cybersecurity measures and training for employees, highlighting the need for better protection against increasing cyber threats. These developments are reshaping how businesses approach digital security in a work-from-home (WFH) world.

Work from Home Security context

Remote work is becoming increasingly prevalent as technology makes it easier than ever for employees to work from home. While this style of work offers many benefits, it also introduces new security risks. The lack of a physical perimeter makes it difficult to control access to data and systems, and the rise of telecommuting means that employees often work from home without the same level of digital security available in a corporate office.

The COVID-19 pandemic made WFH both necessary and widely accepted. However, employees not connected to an enterprise-level network are more exposed to potential cybersecurity attacks. As companies struggled to migrate their workforce online, many organizations were unable to devote sufficient resources to cybersecurity, including training their employees to identify phishing attempts. Similarly, some companies have lax security on the equipment they provide employees, making it easy for workers to use company laptops to stream online games and view content. Such non-work activities can cause work equipment to be susceptible to viruses and malware that can steal data. 

A European Proceedings of Social and Behavioral Sciences survey discovered that about 41 percent of respondents used their company equipment for private purposes. Meanwhile, only 66 percent of interviewed companies said they have a remote work cybersecurity policy. In addition, only 49 percent of respondents had guidelines for connecting their devices to secure connections remotely. About half of surveyed employees indicated that they used a virtual private network (VPN) to secure connections, and only 47 percent used multi-factor authentication (MFA). Further, only 41 percent expressed that they underwent remote work best practices training. 

Disruptive impact

Cyberattacks can range from identity theft to ransomware (i.e., the victim’s system is held hostage until they agree to pay a ransom to the attacker). Workplaces need to enforce cybersecurity practices and provide up-to-date machinery (e.g., anti-malware and data encryption software) that protects company equipment and staff. Organizations may need to focus on protecting team collaboration and communication tools since it’s possible to have malicious agents enter virtual meeting rooms or tamper with controls and access.

For example, Zoom installed end-to-end encryption after criticisms that its platform was too easy to hack. The remote workforce needs continuous backend monitoring for signs of security breaches or vulnerabilities on business equipment and accounts. This monitoring should be conducted by both information technology staff and third-party security experts.

 

Finally, employee education and training on cybersecurity risks and best practices for working remotely are necessary. As cyberattacks escalate, employees must learn how to identify and report such attempts. Additionally, implementing regular updates and refresher courses can ensure that the workforce remains vigilant and up-to-date with the latest security protocols and threat landscapes.

Implications of Work from Home Security

Wider implications of WFH security may include: 

• Small and midsized companies becoming increasingly victimized by cybercriminals due to their minimal remote cybersecurity resources. 


• The increased use of biometrics to verify the identities of remote workers.


• More organizations investing in cybersecurity solutions, including using AI to identify weak points in companies’ systems and potential risks and attacks.


• Employees being regularly trained to spot and defend against cyberattack methods and strategies.


• Governments increasingly mandating organizations to invest in stricter WFH security processes and technologies.


• An increase in secure, cloud-based storage solutions as more employees work remotely, enhancing data access and protection.


• The rise in demand for cybersecurity insurance policies by businesses to mitigate financial risks associated with remote working cyber threats.


• Enhanced focus on personal device security, leading to more stringent personal device management policies in workplaces adopting remote work models.

Questions to consider

• Do you work from home? If so, how do you ensure that you operate online safely with work devices?


• What are other potential risks and benefits of increasing WFH security measures?