A Guide to Hybrid Working Cyber Security
How to keep your business safe from anywhere, on any device.
After months of working from home, restrictions have now eased, and many businesses have implemented a hybrid work model whereby employees work both in the office and remotely. This comes as no surprise as a recent survey found that 47% of employees would be likely to look for another job if their employer failed to offer flexible working arrangements.
Benefits of Hybrid Work
Flexibility: Better Work-Life Balance Cost Savings for Employees and Employers One of the key benefits of hybrid working is that it allows greater flexibility for employees.
Cost Savings for Employees and Employers: For employees, working in a hybrid arrangement may result in decreased expenditure on fuel from commuting and opens the possibility to move to better value housing as they won’t need to commute as often. For employers, hybrid working may allow them to downsize their office spaces.
How has Covid-19 and Remote Work Affected Security?
Many of most devastating cyberattacks of the past 18 months have been ransomware attacks. Between August 2020 and August 2021, ransomware attacks increased by 64%.
The swift change to working from home meant that many businesses had not appropriately prepared for how to manage security policies when employees were not in the office. Most of these ransomware attacks started from a phishing email, which have also seen an upward trend since the widespread advent of COVID-19 and remote/hybrid working.
During remote work, insider threats were also more common, and often these were unintentional breaches of security policy that lead to other forms of attack. This increase in prevalence was often due to employees having to find work-arounds to get IT systems to function, or from employees lowering their guard in respect to security, as they are no longer working from an office space.
In the past 12 months 4 in 10 businesses reported having some form of security incident and from these 83% were phishing attacks. Throughout the pandemic many phishing emails were focused on COVID-19 and remote working, and unfortunately these had a high success rate.
Business Email Compromise Attacks
Business email compromise attacks are a form of spear phishing whereby the cybercriminal attempts to deceive senior executives into transferring funds or revealing sensitive information. These are social engineering attacks that rely on the cybercriminal to thoroughly research the target and their vendors in order to craft convincing phishing emails.
The Security Challenges of Hybrid Work
If IT systems and the subsequent security policies are not adapted to suit hybrid work, employees will likely create workarounds to combat the shortcomings of the systems. This is evidenced as 36% of employees stated they have picked up poor cybersecurity behaviours and found ‘security work-arounds’ since working remotely.
There are also risks involved with Bring Your Own PC (BYOPC) programmes, despite reducing overall hardware costs. Employees working from home may also have less defined network boundaries, as well as poor home network security.
How Businesses Can Stay Secure Whilst Hybrid Working
Add an Extra Layer of Authentication
Implement Virtual Desktops or Cloud PCs
Educating Employee for a Strong Security Culture
Using Identity and Access Management
The move to hybrid work should bring many benefits to businesses and employees with an increase in flexibility and productivity. This new era of work presents some worrying security challenges, and businesses need to address these before it is too late. An investment of time and money into a comprehensive security solution now, may prevent a costly ransomware attack or data breach in the future.
If you want to find out more about how to protect your business whilst hybrid working, or are interested in technology that can support the move to hybrid work, get in contact with us today and read our eBook.