Remote working in all its different forms is here to stay. Therefore we must understand how to remotely work securely. Although the UK has recently scrapped all COVID rules, there are still major security risks involved for the large number of us still working remotely.
At the start of the pandemic, many organisations and employees were caught off guard by the sudden shift of having to work from home. It was a new experience which we were all underprepared for. Accessibility of services, Wi-Fi reliability, collaboration tools and hardware concerns were all common issues that we faced.
Since then, organisations and employees have adapted and remedied most of the issues resulting in an efficient workforce. Securely working remotely can also save money, boosts a healthy work-life balance, and enables the recruitment of skilled employees regardless of their location.
Hybrid working
What we’ve seen recently is staff returning to the office, with the option to also work remotely. This flexibility has been received well, as it instils trust within employees. However, it does require organisations to offer a secure and seamless transition for those who wish to participate in hybrid working.
Hybrid working has gained popularity within many workplaces due to the freedom/flexibility it provides. Employees can work from anywhere they like including the office if they want to. This can be beneficial as it allows people to adapt to their workloads. Employees within a post-Covid world have started looking for roles that support hybrid working. Meaning that more organisations are adopting the model to both increase retainment, and meet the needs of their employees. In a study performed by HRD in 2021, they found that 41% of workers would prefer to work entirely from home, with less than 10% wanting to return to the office full-time. This helps to put into perspective how the mindset of employees has changed.
The negatives of hybrid working
Despite the popularity, there are downsides to hybrid and remote working. How employees are measured and assessed on their work has changed. It can be difficult for managers to notice who’s falling behind, and who’s working hard when not in an office environment. This arguably supports why over the past two years, 29% of employees feel there was a lack of opportunity regarding career progression whilst working from home. Another issue is work-life balance. Having to work from home isn’t for everyone, as it can be difficult to establish boundaries between their home life and work. Mental health can also deteriorate. Often people don’t receive the same amount of social interaction that they would get if they were in an office environment, and for some, that interaction may be vital.
However, regardless of the positive and negatives of this new and widely implemented culture, it does come with additional security concerns for both employees and organisations.
Common security issues
One issue is using an unsecured network connection such as home networks or public networks. If you’re using these networks and accessing sensitive data, then hackers may be able to intercept and spy on transmitting data. Therefore, it’s recommended that your employees use a VPN when accessing unknown networks.
Using personal devices in line with work is also a security risk. Employees may not update their applications, software, or operating systems which may leave security gaps in their devices. In conjunction with this, employees may use unencrypted file-sharing platforms. There’s also the possibility of those who leave the organisation to keep their previous companies’ sensitive data on their personal devices.
Email scams have become a lot more common since the pandemic. Mostly due to the confusion of switching to remote working. Phishing scams are the most common as they involve tricking individuals into handing over secure information such as usernames or passwords. This can lead to the theft of sensitive company information.
How to reduce the risks
- Multi-factor authentication (MFA) is recommended for your organisation. An example of this would involve your employees logging on, but then being prompted on another device to confirm their action.
- Encryption should be implemented for almost all forms of data transmissions. This means if your data does fall into the wrong hands, then it is useless without the decryption key.
- Enable mandatory updates. Updates often get dismissed, meaning that your employees and organisation is at risk. Enabling mandatory updates forces the update to take place, regardless of the user’s input. Normally a certain time can be allocated, helping to reduce any disruptions for users.
- Restricting user access is also necessary in certain areas. Not allowing users to download certain programmes without permission helps to reduce the risk of malicious software being installed.
- Implement cloud-based computing. Where users sign in and actively use a virtual desktop from their computer. This can allow for tighter control over security.
- Have multiple backups of your data spread across different storage units. This is a must for any organisation as it allows for the procurement of old data. Whether your data gets lost, destroyed, or contaminated, having multiple back-ups may just save your organisation.
It’s fair to say that remote working will be a continued practice, even years on from the pandemic. This is because employees are actively seeking jobs that support the idea. Therefore, if organisations want to future-proof themselves, they should both accept the change, and do so in a way that is safe and secure for themselves and their employees.