ue to the COVID-19 pandemic, many organizations had to take rapid health and safety precautions by supporting a remote workforce. Over the last several months, the conversation around moving towards a remote workforce more permanently, beyond COVID-19, has been considered by some organizations. Gartner’s CFO study revealed that 74% of those surveyed will move at least 5% of their previously on-site workforce to permanently remote positions post-COVID-19 . These new trends of remote work make that protecting against cyberattacks is more important than ever. Here are three security trends IT teams should be aware of when it comes to security threats in a remote workforce.
1. Connecting the workforce securely
Now that organizations operate with a remote workforce, staying connected at any time from anywhere is a necessity. With the use of a VPN, employees can securely connect to their office’s network regardless of where they’re located. However, VPNs are highly vulnerable to cyber threats. According to an evaluation from Forbes, “a large number of free or cheap VPNs may be doing the exact opposite of what we expect from them, collecting and exposing our data rather than hiding it” . It is essential that IT teams have a way to monitor all security events while also having remediation processes in place if a threat does occur.
2. Protecting against increased security vulnerabilities
With a physically scattered workforce, online attackers have more opportunities to invade and harm an organization’s users and internal network. Due to the COVID-19 pandemic, cyber attackers have found new ways of infiltrating an entity’s infrastructure and studies carried out have revealed that there was an increase in internet traffic from 25% to 35% since the start of the pandemic. Cyberattackers are using creatively titled COVID-19 emails that seem to be coming from legitimate health sources or pandemic reports. Similarly, voice and SMS phishing attacks are also on the rise as remote workers use personal devices to hold conference calls or confirm multifactor authentication. It is a natural tendency for users to open an email or accept a call or text that seems harmless because indications of dangerous content are not obvious. Additionally, some IT teams may not have the resources or established processes to combat these challenges at the scale currently seen.
3. Safeguarding business applications and sensitive data
Currently, there is an increase in dependency on remote work applications and services. Traffic from communication and collaboration applications like Office 365, WebEx, Zoom, and Slack (just to name a few) has skyrocketed. This leaves an organization’s assets to be more vulnerable and there also more ways to attack and steal important information, such as credit card data or personal information. In that way, is necessary that organizations implement security solutions to protect all applications used on all transactions, such as billing and returns, which now happen in the homes of remote employees.
With remote work, organizations are facing much bigger security challenges to protect not just their customers, but also their users and infrastructure. Behind the scenes, IT teams have the challenge of ensuring security at every point in the network and with every customer interaction. Being cognizant of where potential threats could be coming from is the first step to a more secure remote work environment.
-  https://www.gartner.com/en/newsroom/press-releases/2020-04-03-gartner-cfo-surey-reveals-74-percent-of-organizations-to-shift-some-employees-to-remote-work-permanently2
-  https://www.forbes.com/sites/simonchandler/2019/09/23/too-many-vpns-put-our-privacy-and-security-at-risk/#5347a43f61df