SYS-CON MEDIA Authors: Pat Romanski, Liz McMillan, Yeshim Deniz, Elizabeth White, Courtney Abud

Article

Remote Workers Increase Challenges in Cybersecurity

Cybersecurity Gets More Complicated with Remote Workers

Remote work has become a consistent trend over the last few years with the number of freelancers and employees working (at least part-time) from home increasing quickly. According to predictions from 2017 research, 58 percent of the U.S. workforce will be freelancing at least some of the time by 2027.

This rapid increase in flexible work is exciting, but comes with some unique cyber security challenges. Many businesses, especially those with few employees, don’t fully understand the cybersecurity threats they face with their remote employees. Unfortunately, this exposes them to higher threat risk.

“Remote workers are a known weak link in almost every organization’s security profile, which is why threat actors target them,”says Justin Dolly, CISO of Malwarebytes. “The farther away from the typical corporate network you get, the less security there is protecting the users. There has always been a challenge managing endpoints, especially with the advent of Bring Your Own Device (BYOD) some years ago.”

With remote workers popping up all over the globe, targeted attacks are growing more sophisticated and frequent.

Common Cybersecurity Threats

All business owners should strive to understand the most common threats, particularly those targeting remote work. Here are some key findings for remote workers and their cybersecurity risks.

Unsecured Connections

Remote workers typically log onto an enterprise server with their own internet, or worse—with public Wi-Fi. Hackers often use public Wi-Fi and unsecured home connections to gain access to sensitive work information.

Even if you require your employees to use a virtual private network (VPN), it’s difficult to enforce this practice. There’s also the risk that hackers will gain access to the VPN through a single employee and consequently access information on the entire network.

Weak Passwords

Weak passwords are one of the most common entry points for hackers targeting remote workers. Many employees use the same password for everything, or they keep a file or paper record of all their passwords. Once that code is cracked, hackers can gain entry to the company networks.

Ignorance to Threats

People often don’t realize the threats facing enterprises, especially when they’re located far from the hub. Millennials are particularly ignorant to these threats.

"Millennials in the workplace have a different perspective on the sensitivity of information, information-sharing and the ramifications of personal data being shared within a corporate environment," Morey Haber, a vice president of technology a cybersecurity companytold Society for Human Resource Management. It’s the ignorance of these employees and others that enable third-party hacking success.

Mitigating Cybersecurity Threats

Understanding the threats facing your remote workers is only the beginning. If you wish to survive an attack, knowing how to mitigate your risk is vital.

Evolve With the Technology

Technology is evolving to match the threats that come our way, but we have to adopt prevention tech if we wish to protect our organizations.

“The most critical data is moving to the cloud,”suggests an article from Cato Networks, an SD-WAN company dedicated to increasing security among enterprises. “Optimized, secure access to the Internet and cloud from your places of business is a must, but you also need to take into consideration employees accessing the cloud at home or in public places. Tools such as firewalls, data encryption, two-factor authentication, and a VPN can help, while consistent employee training on best practices for secure remote working is also key.”

Research top technology offerings for cybersecurity, and invest in what will offer robust protection to your organization.

Train Employees

Since most of the threats facing remote workers involve employee ignorance, simple training measures could be all you need to mitigate risk. Webinars, cybersecurity training courses, company memos, and more can be utilized to keep employees in the loop.

Also, create a group of policies and procedures that employees should follow to prevent an attack. Everyone hopes that these instances will never happen, but you’ll be glad you were prepared if it does.

Write an Action Plan

Companies that survive an attack do so because they had a clear set of policies and proceduresoutlined in an action plan beforehand. Each organization, whether fully or partially online, should have such a strategy ready for action when an attack hits.

Distribute a copy of the plan to each member of your team, both in-house and remotely. Cover key aspects in your regular trainings, and encourage employees to ask questions and further research cybersecurity measures. Their engagement in your cybersecurity action plan will be key to promoting a safer business.

More Stories By Larry Alton

Larry Alton is an independent business consultant specializing in social media trends, business, and entrepreneurship. Follow him on Twitter and LinkedIn.

Latest Stories
As Apache Kafka has become increasingly ubiquitous in enterprise environments, it has become the defacto backbone of real-time data infrastructures. But as streaming clusters grow, integrating with various internal and external data sources has become increasingly challenging. Inspection, routing, aggregation, data capture, and management have all become time-consuming, expensive, poorly performing, or all of the above. Elements erases this burden by allowing customers to easily deploy fully man...
IT professionals are also embracing the reality of Serverless architectures, which are critical to developing and operating real-time applications and services. Serverless is particularly important as enterprises of all sizes develop and deploy Internet of Things (IoT) initiatives. Serverless and Kubernetes are great examples of continuous, rapid pace of change in enterprise IT. They also raise a number of critical issues and questions about employee training, development processes, and opera...
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential. DevOpsSUMMIT at CloudEXPO expands the DevOps community, enable a wide sharing of knowledge, and educate delegates and technology providers alike.
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility.
This month @nodexl announced that ServerlessSUMMIT & DevOpsSUMMIT own the world's top three most influential Kubernetes domains which are more influential than LinkedIn, Twitter, YouTube, Medium, Infoworld and Microsoft combined. NodeXL is a template for Microsoft® Excel® (2007, 2010, 2013 and 2016) on Windows (XP, Vista, 7, 8, 10) that lets you enter a network edge list into a workbook, click a button, see a network graph, and get a detailed summary report, all in the familiar environment of...
The Kubernetes vision is to democratize the building of distributed systems. As adoption of Kubernetes increases, the project is growing in popularity; it currently has more than 1,500 contributors who have made 62,000+ commits. Kubernetes acts as a cloud orchestration layer, reducing barriers to cloud adoption and eliminating vendor lock-in for enterprises wanting to use cloud service providers. Organizations can develop and run applications on any public cloud, such as Amazon Web Services, Mic...
Because Linkerd is a transparent proxy that runs alongside your application, there are no code changes required. It even comes with Prometheus to store the metrics for you and pre-built Grafana dashboards to show exactly what is important for your services - success rate, latency, and throughput. In this session, we'll explain what Linkerd provides for you, demo the installation of Linkerd on Kubernetes and debug a real world problem. We will also dig into what functionality you can build on ...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Technology has changed tremendously in the last 20 years. From onion architectures to APIs to microservices to cloud and containers, the technology artifacts shipped by teams has changed. And that's not all - roles have changed too. Functional silos have been replaced by cross-functional teams, the skill sets people need to have has been redefined and the tools and approaches for how software is developed and delivered has transformed. When we move from highly defined rigid roles and systems to ...
Implementation of Container Storage Interface (CSI) for Kubernetes delivers persistent storage for compute running in Kubernetes-managed containers. This future-proofs Kubernetes+Storage deployments. Unlike the Kubernetes Flexvol-based volume plugin, storage is no longer tightly coupled or dependent on Kubernetes releases. This creates greater stability because the storage interface is decoupled entirely from critical Kubernetes components allowing separation of privileges as CSI components do n...
With container technologies widely recognized as the cloud-era standard for workload scaling and application mobility, organizations are increasingly seeking to support container-based workflows. In particular, the desire to containerize a diverse spectrum of enterprise applications has highlighted the need for reliable, container-friendly, persistent storage. However, to effectively complement today's cloud-centric container orchestration platforms, persistent storage solutions must blend relia...
Applications with high availability requirements must be deployed to multiple clusters to ensure reliability. Historically, this has been done by pulling nodes from other availability zones into the same cluster. However, if the cluster failed, the application would still become unavailable. Rancher’s support for multi-cluster applications is a significant step forward, solving this problem by allowing users to select the application and the target clusters, providing cluster specific data. Ranc...
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
JFrog, the DevOps technology leader known for enabling liquid software via continuous update flows, was honored today with two prestigious awards as part of DevOps.com's annual DevOps Dozen. The awards recognized both JFrog Artifactory as the "Best DevOps Commercial Solution" and JFrog Co-Founder and CEO, Shlomi Ben Haim, as the "Best DevOps Solution Provider Executive". DevOps.com holds the DevOps Dozen awards annually to recognize the best of the best in the global DevOps marketplace.
Eggplant, the customer experience optimization specialist, announced the latest enhancements to its Digital Automation Intelligence (DAI) Suite. The new capabilities augment Eggplant’s continuous intelligent automation by making it simple and quick for teams to test the performance and usability of their products as well as basic functionality, delivering a better user experience that drives business outcomes.