Cybersecurity in the Era of Remote Work
Remote work has become a defining feature of the modern workplace, a trend that has only accelerated since the COVID-19 pandemic. According to Statista, the share of employees working remotely worldwide has risen from 20 percent in 2020 to 28 percent in 2023, with the technology industry leading the way with 67 percent of employees working primarily remotely.
It’s not just employees that are benefitting from this new way of working, with an increased work-life balance and freedom to work how and where they want. Employers can reap the benefits too, from gaining access to a much larger and more diverse pool of talent—without geographical restrictions—to fostering a flexible working environment that, in turn, boosts staff retention.
However, with more people working outside of the office, cybersecurity breaches are on the rise. It is now more important than ever to ensure organisations are safe and secure online. According to the Cyber Security Breaches Survey 2024, half of businesses and around a third of charities report having experienced some form of cybersecurity breach or attack in the last 12 months in the UK.
By far the most common type of breach or attack is phishing followed, to a lesser extent, by cybercriminals impersonating organisations in emails or online and then viruses or other malware. Among those identifying any breaches or attacks, the Home Office estimates the single most disruptive breach from the last 12 months cost each business, of any size, an average of approximately £1,205.
This comes as businesses reported a dramatic increase in the level of sensitive data stored in the cloud, as reported in a recent Thales survey of nearly 3,000 IT and security professionals across 18 countries. Three quarters (75 percent) of businesses said that more than 40 percent of data stored in the cloud is classified as sensitive, compared to 49 percent of businesses this time last year.
One of the biggest examples in recent years was a major security breach at Mailchimp in early 2023. The email marketing and newsletter giant said it was hacked and that dozens of customers’ data was exposed. It’s the second time the company was hacked in a period of six months. Another major case occurred in May 2022 at Cisco, a multinational digital communications company, who became aware of an attacker within their network. Their internal investigation showed that the attacker conducted a series of sophisticated voice phishing attacks to access a Cisco employee’s Google account.
Addressing the remote work challenge
There’s no doubt that cybersecurity measures need to be ironclad in today’s working world. The lack of control that an organisation has over employees’ home networks and public networks, such as in cafes, means that cybersecurity and employee education in how to stay safe online is paramount.
Collaborating with trusted technology providers becomes the essential solution in collectively addressing these remote work cybersecurity challenges, including using up-to-date malware protection, restricting admin rights, network firewalls, and agreed processes for phishing emails.
For employers, employee education should be the first port of call, as many may not even be aware of the potential risks. Certifications such as Cyber Essentials or Cyber Essentials Plus are a great way to increase the level of cyber awareness in your organisation, as well as gain much-needed assurance that your systems are fully protected.
Solutions at-a-glance
Strengthening Network Security
- VPNs: Use of Virtual Private Networks for secure remote access.
- Encryption: The role of encryption in protecting data in transit and at rest.
Secure Access Controls
- Multi-Factor Authentication (MFA): Implementation of MFA to enhance security.
- Zero Trust Model: Adopting a Zero Trust approach to network access.
Employee Training and Awareness
- Regular Training: Ongoing cybersecurity training programs for employees.
- Simulated Attacks: Conducting phishing simulations to raise awareness.
Secure Communication Tools
- Secure Collaboration Platforms: Utilising secure tools for team communication and file sharing.
- Monitoring and Incident Response: Establishing robust monitoring and incident response protocols.
At Arc Systems, we have been providing secure and reliable remote working IT support for many years. From our firewall range for remote access to our on-demand SSLVPN connection – we offer the software, hardware, and guidance needed to ensure your business gets the most out of hybrid and remote working, and secures business continuity.
Find out more here.