What will hybrid remote work styles mean for organisational security?
Working from home (WFH) and remote working are terms we have become extremely familiar with over the last few years. As many businesses were forced into a remote, work from home setup overnight, there has been a deficit of contact and flexibility that hybrid working has the potential to address now we can return to the office.
According to a report by the Centre for Economics and Business Research conducted for Virgin Media 02, Covid-19 accelerated digital progress by more than four years for public sector organisations across the UK - even faster than reported in the private sector.
The impact on the UK economy for public sector adoption could potentially add £13.4 billion to UK GDP by 2025.
We will discuss some of the driving factors of this change, nuances, and potential pitfalls of your organisation’s security in relation to these changes in this article.
What is hybrid working and what are the benefits?
Hybrid working is the term used for a flexible, task appropriate approach to the workplace. It is guided by a belief that employees can often work better and more efficiently if given the freedom to make the choice of where to work. This could include working at the office, from home or a public space. It is considered the progression of work from home and can bring back those valuable face-to-face brainstorms and ‘water cooler moments’ to businesses.
Herein lies the main security concern. Using remote systems on public networks for example is potentially a very serious security risk. If your employees don’t have the understanding or training for your digital security procedures, you may be more vulnerable that you expect.
Ordinarily in an office, the IT team will be directly responsible for cybersecurity in the workplace and will always have master control of the network. As with most systems one of the key potential failure points is human error, and your hybrid working employees cannot be expected to have the same level of knowledge as a dedicated IT team if that isn’t their field of expertise. The need for a clear cybersecurity policy that all employees can understand is paramount in this situation.
A revolution in the workplace – no going back.
With industries needing to be reactive and proactive to the Covid 19 pandemic we have seen an acceleration of a trend towards hybrid remote working. With rapid change comes a need to focus on agile security measures. Scalable options with secure remote management facilities for email and data protection have become an essential part of organisational security.
It has been four decades since we have undergone a transformation in the way people work such as this. However, unlike in the 1980s, globalised technology hasn’t only been a driving force of that change, rather a part of the answer to the unprecedented issue of no longer being able to attend the office. A result of this has been a discovery of new workplace concerns. For an example, ‘Zoom fatigue’ and stability in video conferencing in large groups has been a real issue, especially for large teams and sectors such as education and healthcare. Hybrid working isn’t necessarily appropriate for all these areas but certainly it could be for universities and consultant specialists in a variety of fields.
Popular consensus is that the shift has occurred, and a large proportion of digital and globalised businesses will operate this way indefinitely going forwards. The CBI and Nexus have reported that only 5% of business plan to return to the office full time with the majority of firms already adopting a hybrid working practice. Meanwhile The Economic Times of India have reported on cyber exposure company Tenable’s global study which “reveals that 71% of organisations in India attribute recent business-impacting cyberattacks to vulnerabilities in technology put in place in response to the pandemic”.
This being the case, if your organisation has seen these changes there are several things that need to be considered with urgency if they haven’t been already. We will summarise these key concerns below.
Security considerations with hybrid working
Security in the age of hybrid work needs to be considered on many different levels to working only from an office or only from home. Here are some potential weak points to consider in your organisation’s hybrid working digital security policy.
- Do you have a digital security policy?
- Who implements it and ensures people adhere?
- Have your employees been trained in your organisation’s digital security measures?
- Do you have an organisational VPN (Virtual Private Network) that your employees can use to login to the company server while working in a public space?
- Can your VPN handle the load of Teams or Zoom meetings?
- Do you allow employees to use video conferencing in a public space?
- Is your organisation’s Email encrypted?
- Do you have a strong password policy?
- Do you use 2FA (Two Factor Authentication)?
- Do you have insurance for your organisation’s devices such as laptops and phones when they are not in the office? Does this cover data loss?
- Do you have a clear reporting procedure for loss of data or device?
- Can you remotely wipe or protect data in the event of loss or theft of a device?
If your organisation doesn’t have any of these in place, you need to start now. Get in touch for a demo of our email and security solutions.
Tools like PieSecurity are designed with hybrid remote working in mind. Learn more about our email hygiene and encryption solutions and how they can protect your business.