Working remotely or in a hybrid setting has granted employees added convenience and the freedom to change their day-to-day structure, as long as they’re getting their work done.
Have some errands to run during the day? Go ahead. Want to go grab a latte and catch up on work from a coffee shop instead of your home office or living room? Have at it.
A lot of workers are doing so. But is it safe? What cybersecurity measures should you have in place when employees are working from anywhere and often using their own devices?
According to a recent Harris Poll survey commissioned by Fusion Connect, 88% of hybrid workers say they regularly work from their home, but many also say they regularly work from a flexible or shared workspace (20%), or in a coffee shop (16%).
Meanwhile, half of office workers (50%), and more than 3 in 5 hybrid workers (61%), say they use a personal device for work. That grocery trip mentioned earlier might involve checking company email while in the checkout line, or responding to someone on collaboration applications like Teams or Slack while looking for the right peppers for that night’s stir fry.
Those employees working on shared public Wi-Fi like in a coffee shop are likely logging onto company networks to complete tasks or send emails.
In both situations, these employees could unknowingly be exposing their company to unnecessary risks. But the good news is there are strategies to stay safe.
Here are some security concerns presented by these scenarios, and what you should do to address them as we look toward the future of work.
Many organizations can’t afford to provide company-issued phones for all of their employees, and in the days of working on the go, personal cell phones have become a way to stay connected without being in an office or even logged on from a laptop at home.
For some companies working mostly in the cloud, the use of personal devices for work has become less of a problem, especially when the employee is using a protected network. Zero Trust and Multi-Factor Authentication go a long way toward keeping the company Teams network and email secure.
But these devices can become more dangerous if they’re accessing sensitive company data without layers of protection. Security for mobile devices might include a mobile device management tool to separate company data from the employee’s personal data. These programs allow the company to determine how an employee connects to its corporate network and what they can do with the data once it’s accessed.
It’s unlikely we’re going to stop employees from using their personal phones to work, but we need them to be armed with the right security approach to avoid costly interruptions.
It’s likely most of the company work being done on personal devices is centered around emails and using social/collaborative tools like Teams, Slack, and other messaging devices to communicate with colleagues while on the move.
There are some things you can do under the hood to manage how your employees access these programs, especially in case a mobile device is lost or stolen. You can protect entry by requiring a pin or needing biometric access like facial recognition or a fingerprint scan to log on.
It’s a bit of a journey for companies to configure these things over time. They’re collaboration tools, and the more you restrict them, the less collaborative they can be. It’s all about striking the right balance and making sure you’re staying secure.
Companies are less likely today than previously to have employees connecting to a data center. An acceleration was already underway, but the pandemic sped up cloud adoption.
Harvard Business Review [PDF] found that 59% of executives surveyed had increased investment in cloud applications, services, and/or infrastructure due to the pandemic. Cloud infrastructure spending alone surged 35% to almost $130 billion in 2020.
So for some, a VPN might be a little unnecessary or outdated. For others, the VPN could be the best way to protect your company’s information while your employees are – almost inevitably – working from a public or shared network.
Another valuable tip for public places, like coffee shops, is to use tethering, which allows you to connect your laptop to your phone, and it’s more secure than simply using your phone as a hotspot. However, using your phone as a hotspot, if properly secured, is still more secure than public WiFi.
Like anything else, arming your workforce with valuable and digestible information will go a long way. Not everyone is an IT professional, and they may not understand the best practices when it comes to working remotely.
Everyone learns differently, too. For some, the corporate training videos on security are most effective. For others who digest information differently, laying it all out in an email or another company intranet page might work better.
No matter which path you choose, it’s important to get it right. This is the mobile working environment we’re going to be living in now and in the coming years, and it’s time to set your security policies for the future.