SYS-CON MEDIA Authors: Zakia Bouachraoui, Elizabeth White, Liz McMillan, William Schmarzo, Dana Gardner

Article

Remote Workers Increase Challenges in Cybersecurity

Cybersecurity Gets More Complicated with Remote Workers

Remote work has become a consistent trend over the last few years with the number of freelancers and employees working (at least part-time) from home increasing quickly. According to predictions from 2017 research, 58 percent of the U.S. workforce will be freelancing at least some of the time by 2027.

This rapid increase in flexible work is exciting, but comes with some unique cyber security challenges. Many businesses, especially those with few employees, don’t fully understand the cybersecurity threats they face with their remote employees. Unfortunately, this exposes them to higher threat risk.

“Remote workers are a known weak link in almost every organization’s security profile, which is why threat actors target them,”says Justin Dolly, CISO of Malwarebytes. “The farther away from the typical corporate network you get, the less security there is protecting the users. There has always been a challenge managing endpoints, especially with the advent of Bring Your Own Device (BYOD) some years ago.”

With remote workers popping up all over the globe, targeted attacks are growing more sophisticated and frequent.

Common Cybersecurity Threats

All business owners should strive to understand the most common threats, particularly those targeting remote work. Here are some key findings for remote workers and their cybersecurity risks.

Unsecured Connections

Remote workers typically log onto an enterprise server with their own internet, or worse—with public Wi-Fi. Hackers often use public Wi-Fi and unsecured home connections to gain access to sensitive work information.

Even if you require your employees to use a virtual private network (VPN), it’s difficult to enforce this practice. There’s also the risk that hackers will gain access to the VPN through a single employee and consequently access information on the entire network.

Weak Passwords

Weak passwords are one of the most common entry points for hackers targeting remote workers. Many employees use the same password for everything, or they keep a file or paper record of all their passwords. Once that code is cracked, hackers can gain entry to the company networks.

Ignorance to Threats

People often don’t realize the threats facing enterprises, especially when they’re located far from the hub. Millennials are particularly ignorant to these threats.

"Millennials in the workplace have a different perspective on the sensitivity of information, information-sharing and the ramifications of personal data being shared within a corporate environment," Morey Haber, a vice president of technology a cybersecurity companytold Society for Human Resource Management. It’s the ignorance of these employees and others that enable third-party hacking success.

Mitigating Cybersecurity Threats

Understanding the threats facing your remote workers is only the beginning. If you wish to survive an attack, knowing how to mitigate your risk is vital.

Evolve With the Technology

Technology is evolving to match the threats that come our way, but we have to adopt prevention tech if we wish to protect our organizations.

“The most critical data is moving to the cloud,”suggests an article from Cato Networks, an SD-WAN company dedicated to increasing security among enterprises. “Optimized, secure access to the Internet and cloud from your places of business is a must, but you also need to take into consideration employees accessing the cloud at home or in public places. Tools such as firewalls, data encryption, two-factor authentication, and a VPN can help, while consistent employee training on best practices for secure remote working is also key.”

Research top technology offerings for cybersecurity, and invest in what will offer robust protection to your organization.

Train Employees

Since most of the threats facing remote workers involve employee ignorance, simple training measures could be all you need to mitigate risk. Webinars, cybersecurity training courses, company memos, and more can be utilized to keep employees in the loop.

Also, create a group of policies and procedures that employees should follow to prevent an attack. Everyone hopes that these instances will never happen, but you’ll be glad you were prepared if it does.

Write an Action Plan

Companies that survive an attack do so because they had a clear set of policies and proceduresoutlined in an action plan beforehand. Each organization, whether fully or partially online, should have such a strategy ready for action when an attack hits.

Distribute a copy of the plan to each member of your team, both in-house and remotely. Cover key aspects in your regular trainings, and encourage employees to ask questions and further research cybersecurity measures. Their engagement in your cybersecurity action plan will be key to promoting a safer business.

More Stories By Larry Alton

Larry Alton is an independent business consultant specializing in social media trends, business, and entrepreneurship. Follow him on Twitter and LinkedIn.

Latest Stories
Hackers took three days to identify and exploit a known vulnerability in Equifax’s web applications. I will share new data that reveals why three days (at most) is the new normal for DevSecOps teams to move new business /security requirements from design into production. This session aims to enlighten DevOps teams, security and development professionals by sharing results from the 4th annual State of the Software Supply Chain Report -- a blend of public and proprietary data with expert researc...
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO Silicon Valley 2019 will cover all of these tools, with the most comprehensive program and with 222 rockstar speakers throughout our industry presenting 22 Keynotes and General Sessions, 250 Breakout Sessions along 10 Tracks, as well as our signature Power Panels. Our Expo Floor will bring together the leading global 200 companies throughout the world of Cloud Computing, DevOps, IoT, Smart Cities, FinTech, Digital Transformation, and all they entail.
Eric Taylor, a former hacker, reveals what he's learned about cybersecurity. Taylor's life as a hacker began when he was just 12 years old and playing video games at home. Russian hackers are notorious for their hacking skills, but one American says he hacked a Russian cyber gang at just 15 years old. The government eventually caught up with Taylor and he pleaded guilty to posting the personal information on the internet, among other charges. Eric Taylor, who went by the nickname Cosmo...
ClaySys Technologies is one of the leading application platform products in the ‘No-code' or ‘Metadata Driven' software business application development space. The company was founded to create a modern technology platform that addressed the core pain points related to the traditional software application development architecture. The founding team of ClaySys Technologies come from a legacy of creating and developing line of business software applications for large enterprise clients around the ...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
Most modern computer languages embed a lot of metadata in their application. We show how this goldmine of data from a runtime environment like production or staging can be used to increase profits. Adi conceptualized the Crosscode platform after spending over 25 years working for large enterprise companies like HP, Cisco, IBM, UHG and personally experiencing the challenges that prevent companies from quickly making changes to their technology, due to the complexity of their enterprise. An accomp...
The benefits of automated cloud deployments for speed, reliability and security are undeniable. The cornerstone of this approach, immutable deployment, promotes the idea of continuously rolling safe, stable images instead of trying to keep up with managing a fixed pool of virtual or physical machines. In this talk, we'll explore the immutable infrastructure pattern and how to use continuous deployment and continuous integration (CI/CD) process to build and manage server images for any platfo...
DevOpsSUMMIT at CloudEXPO, to be held June 25-26, 2019 at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...
Automation is turning manual or repetitive IT tasks into a thing of the past-including in the datacenter. Nutanix not only provides a world-class user interface, but also a comprehensive set of APIs to allow the automation of provisioning, data collection, and other tasks. In this session, you'll explore Nutanix APIs-from provisioning to other Day 0, Day 1 operations. Come learn about how you can easily leverage Nutanix APIs for orchestration and automation of infrastructure, VMs, networking, an...
Sanjeev Sharma Joins November 11-13, 2018 @DevOpsSummit at @CloudEXPO New York Faculty. Sanjeev Sharma is an internationally known DevOps and Cloud Transformation thought leader, technology executive, and author. Sanjeev's industry experience includes tenures as CTO, Technical Sales leader, and Cloud Architect leader. As an IBM Distinguished Engineer, Sanjeev is recognized at the highest levels of IBM's core of technical leaders.
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
It cannot be overseen or regulated by any one administrator, like a government or bank. Currently, there is no government regulation on them which also means there is no government safeguards over them. Although many are looking at Bitcoin to put money into, it would be wise to proceed with caution. Regular central banks are watching it and deciding whether or not to make them illegal (Criminalize them) and therefore make them worthless and eliminate them as competition. ICOs (Initial Coin Offer...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
The dream is universal: heuristic driven, global business operations without interruption so that nobody has to wake up at 4am to solve a problem. Building upon Nutanix Acropolis software defined storage, virtualization, and networking platform, Mark will demonstrate business lifecycle automation with freedom of choice and consumption models. Hybrid cloud applications and operations are controllable by the Nutanix Prism control plane with Calm automation, which can weave together the following: ...