Cybersecurity in the new hybrid workplace
As more organizations begin to establish plans to return to the physical office, the majority of employees are still expecting to conduct their work in a hybrid environment post-pandemic. Many businesses are navigating what this means for their infrastructure as a hybrid environment brings its own set of challenges for cybersecurity.
At the start of the pandemic, as physical offices closed and employees were sent to work from home, businesses were forced to immediately adapt their infrastructure and security measures. No longer were employees working from desktop computers behind a firewall in the office. Instead, many were on brand new laptops that were purchased at the last minute and deployed with an immature security posture. With a hybrid work environment impending, organizations are starting to re-evaluate their temporary security measures in favor of more permanent controls better suited to the organization.
What works for a 100 percent in-person environment will not bring the same success in a hybrid one. Working from anywhere poses the following cybersecurity risks, which businesses need to be aware of and work to combat:
- Bring your own Internet (BYOI): When working outside the office, employees are at the mercy of their Internet providers, whether that is their personal home Internet or whatever is available at a hotel or coffee shop. This comes with its own set of challenges, as public and personal networks are usually much less secure than a standard office network. Given this, businesses need to ensure the physical devices their employees are working on are as secure as possible.
- Who is using the device?: While working at home many employees cannot control who uses their work device as partners or children may log in to conduct personal business -- from checking email to engaging on their social media accounts. These additional users may not be as versed in cybersecurity best practices or be aware of what to look out for when it comes to security threats that put the device and business at risk.
To put it simply, hybrid is the worst of both worlds in terms of cybersecurity risks as organizations and employees need to have systems in place that can protect the infrastructure while on and off the premises. In a fully remote environment, each side knows what they are up against when it comes to risks and stricter security measures may be enacted. However, with a hybrid workforce, organizations may relax their standards and believe a stronger security umbrella is in place as some of the workers are in the office.
Cybercriminals on the other hand are not being forced to significantly change their tactics. Rather, they’re using their tried-and-true methods, but simply adjusting the messaging to work for a hybrid workplace. Take a company’s 'return to work' date for example -- cybercriminals may capitalize on this knowledge and send out phishing emails claiming to contain information on a new working policy.
While in the office, employees and businesses, in theory, should be protected with their organization-level security measures and mature endpoint security. For those in a hybrid model, certain actions can be taken to limit the cybersecurity risk on each side:
- Do phishing exercises: Regularly conduct exercises that educate and remind workers what to look out for when it comes to phishing emails -- both through their work and personal email accounts. Showcasing specific methods and examples will help potential recipients to be vigilant.
- Dissolve the perimeter: Most organizations have been moving away from the traditional data center, and its accompanying security approaches. To adapt, the data has to be protected where it lives, and where it’s being accessed.
- Attack surface management: With no perimeter to protect, an attack surface is essentially unlimited, and businesses need to implement and establish attack surface protection programs to limit the attacker’s potential access points.
- Evaluate infrastructure: When employees are back in the office, the infrastructure is going to change. Organizations need to decide if workers will simply continue on their laptops or transition back to their desktops, which may have year-old software or thousands of security patches that need to be implemented.
- Lock the device: While at home, people are usually not as vigilant when it comes to device security. Before stepping away, ensure that the computer or device is locked so no one else (especially children) can gain access; a seven-year-old could accidentally download ransomware onto the computer without even knowing. This should be enforced through Group Policy.
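One way to confirm on a Windows device that the idle-lock policy from the last item has actually been applied, as an added example that is not part of the original article: the function reads the registry values behind the "Interactive logon: Machine inactivity limit" and password-protected screen saver policies. The function name and the 900-second threshold are assumptions.

```powershell
# Added example: audit whether an idle-lock policy is in effect on this device.
# Test-IdleLockPolicy and the 900-second default are assumptions, not from the article.
function Test-IdleLockPolicy {
    param([int]$MaxIdleSeconds = 900)

    $machineKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $userKey    = 'HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop'

    # "Interactive logon: Machine inactivity limit" is stored as InactivityTimeoutSecs.
    # A missing value or 0 means the policy is not enforcing a lock.
    $machine = Get-ItemProperty -Path $machineKey -Name InactivityTimeoutSecs -ErrorAction SilentlyContinue
    $limit = if ($machine) { [int]$machine.InactivityTimeoutSecs } else { 0 }
    $machineOk = ($limit -gt 0 -and $limit -le $MaxIdleSeconds)

    # Screen saver policies (user configuration) are stored as strings.
    # All three must be set: active, password-protected, and a short enough timeout.
    $user = Get-ItemProperty -Path $userKey -ErrorAction SilentlyContinue
    $ssTimeout = 0
    if ($user -and $user.ScreenSaveTimeOut) { $ssTimeout = [int]$user.ScreenSaveTimeOut }
    $userOk = [bool]($user -and
                     $user.ScreenSaveActive -eq '1' -and
                     $user.ScreenSaverIsSecure -eq '1' -and
                     $ssTimeout -gt 0 -and $ssTimeout -le $MaxIdleSeconds)

    [pscustomobject]@{
        Computer                   = $env:COMPUTERNAME
        MachineInactivityLimitSecs = $limit
        MachinePolicyCompliant     = $machineOk
        ScreenSaverTimeoutSecs     = $ssTimeout
        ScreenSaverPolicyCompliant = $userOk
        # Either policy on its own is enough to force a lock within the threshold.
        Compliant                  = ($machineOk -or $userOk)
    }
}

Test-IdleLockPolicy
```

A device where neither policy is configured reports `Compliant = False`, which is the case to look for on laptops that were deployed in a hurry and never joined to the domain's policy scope.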
While the hybrid work environment comes with a unique set of cybersecurity challenges, there will likely be no going back to a fully in-person workforce. Organizations need to change their mindset to adequately protect users regardless of where they are working from, whether in the office or out. Due to this, many organizations may begin to lean on service providers instead of trying to enact security measures themselves. Through a combination of preparation, practice, and ensuring that the right technology is in place, both businesses and employees stand a greater chance of staying protected while being hybrid.
Randy Watkins is the Chief Technology Officer (CTO) for CRITICALSTART and an emerging thought-leader in the security industry. As CTO, Randy is responsible for designing and executing the company’s strategic technology initiatives, which include defining the strategy and direction of CRITICALSTART’s Managed Detection and Response (MDR) services delivered by the Zero-Trust Analytics Platform (ZTAP).