The Evolution of Cybersecurity in Remote and Hybrid Workforces

By Eric Sugar, President — ProServeIT

In the aftermath of the COVID-19 pandemic, remote and hybrid workforces have become the new normal. Employees who were forced to go remote during the pandemic have found the arrangement provides higher job satisfaction, better work-life balance, and less stress. In fact, recent statistics reveal that 65 percent of workers prefer a work model that allows them to work remotely 100 percent of the time.

Employers have also benefited from the shift to remote and hybrid work, which has led to higher productivity levels, less absenteeism, and reduced turnover. While a growing number of businesses are pushing back against wholly remote models, hybrid models seem to be something employers are committed to supporting for the foreseeable future.

As businesses have sought to transform distributed work models from a temporary fix to a permanent solution, cybersecurity has arisen as one of the key challenges. Essentially, supporting remote work requires adding significant space to a business’s digital landscape, and protecting that space requires re-envisioning cybersecurity.

Identifying remote work security challenges

The primary cybersecurity challenges posed by remote and hybrid work are related to the lack of visibility and control afforded to security teams. By allowing work to be done outside of the corporate network, businesses dramatically reduce their ability to oversee device activity, making it more likely security risks will go undetected.

For example, employees working from a local coffee shop are most likely working on an unsecured public WiFi network, which has the potential to make company data vulnerable. Adding certain devices to home networks, such as wireless printers, can also add security vulnerabilities. The failure on the part of employees to install system updates on their devices — something IT teams would manage in an in-office environment — can also introduce security weaknesses.

Remote work’s heavy reliance on cloud computing also adds security challenges, as remote infrastructures often use cloud apps, virtual desktop access, and cloud data. Each new cloud connection creates a new security risk to be considered and addressed.

The increased risk of social engineering attacks is another factor that makes security challenging in a remote work environment. Remote workers are more dependent on email and other digital communication, which creates more opportunities for phishing attacks. Repelling these attacks requires all employees to adopt a zero-trust mentality when it comes to incoming requests, regardless of their appearance.

Increasing security budgets is another factor that can’t be ignored in the remote and hybrid workplace. As work locations and devices increase, so too do security needs, which typically precipitates greater security spending. When security budgets aren’t increased accordingly, it can become impossible to effectively mitigate risks.

Implementing remote work security strategies

One of the first steps security teams should consider when adapting controls to remote work models is updating access frameworks. Least privilege policies can reduce security risks by restricting access to those who are connecting remotely. Employees should only have access to the specific data, servers, and tools needed for their work responsibilities.

Remote security should also focus on restricting access on the user’s end of the network, which can include assisting remote employees to secure home networks and WiFi with the latest security protocols. Requiring employees to connect via a VPN that encrypts traffic and conceals IP addresses can also boost security.

Multi-factor authentication (MFA) is another measure that can boost security on the employee end. Logging into company systems should require a password plus biometrics, a one-time code, or some other additional security step. As a layered defense strategy, MFA can also help companies to identify more quickly when an attack is occurring.

Encryption is also essential for protecting corporate data from risks posed by remote work, as any sensitive company data should be encrypted both at rest and in transit. Least privilege policies should extend to data access, ensuring sensitive data is accessible only to those with a legitimate need.

Endpoint detection and response (EDR) is an emerging cybersecurity strategy that can be extremely effective for remote work environments. EDR involves installing software on endpoint devices such as laptops or desktops that employees use to access work networks. The software detects threats by monitoring activity, such as changes to file systems and network requests, that occur on those devices.

EDR leverages artificial intelligence and machine learning to cull network and device data for signs of suspicious activity so that, when a threat is detected, security teams can launch a coordinated response. Ideally, EDR allows attacks targeting remote devices to be repelled before they can use remote devices to gain access to the entire network.

Building a remote work security culture

One of the most valuable things companies can do to boost security in the new reality of remote work is to foster a cybersecurity culture. If employees do not cooperate, security policies — no matter how well designed — will fail. To keep remote environments secure, all employees (not just those who work on security teams) must make a firm commitment to play a role in understanding and addressing security risks.

— Eric Sugar is the President of ProServeIT, a multi-award-winning Microsoft Partner headquartered in Canada. He has over 25 years of experience in the IT industry and has been with ProServeIT since 2002.