Cyber security risks in flexible work environments

cybersecurity and flexible work environments

Australians value flexible work environments. According to a recent study, 73% of employees in Australia list work flexibility as a top priority when looking for a job. This can be attributed to longer commutes and work/life balance demands.

Flexible work conditions also allow businesses to reduce overhead costs, improve productivity, and raise employee morale. However, cyber security is a big issue, especially because of different types of employee working environments.

Risk #1: Remote staff  

When working from home or on the go, employees won’t be protected by their company’s intrusion prevention systems and firewalls. They may even resort to the free Wi-Fi in a coffee shop to access work-related files and emails. This is ill-advised because hackers monitor these unsecured networks for passwords and private information. What’s more, the sheer number of personal devices involved make it difficult for IT administrators to track, manage, and secure each device.

Solution: The best way to avoid these risks is with a mobile device management (MDM) system. MDM systems allow administrators to control all company-registered devices from a central console. For example, you can set file and app restrictions based on the device and employee. You can even push out security updates for all devices, track their location, and even wipe their data.

Every device should also have access to encryption software, which converts data into indecipherable code. For best results, make sure employees install advanced encryption systems that protect data in storage and in flight. Finally, encourage your employees to connect to only secure, password-protected networks and avoid public Wi-Fi hot spots.

Risk #2: Casual workers

From a cyber security standpoint, managing casual workers can be challenging. The rapid turnovers and lack of background checks mean businesses could be letting in people who can accidentally or intentionally put the company in harm’s way.

It’s not difficult for temporary staff to eavesdrop on corporate settings or access a co-worker’s computer to steal classified information. Some hacking groups even plant member of their team as casual workers to spy on the company and even trick unwitting targets to make fraudulent wire transfers.

Apart from malicious insider threats, casual workers don’t get as much IT security training as full-time staff get. This means they’re far more likely to click on dangerous links or plug in suspicious USB drives that were left out in the open.

Solution: This doesn’t mean businesses should avoid casual workers entirely. When it comes to hiring casual workers, you must investigate their backgrounds and applications as closely as you would with full-time applicants.

Once employed, they must have limited access to company data, apps, server rooms, and corporate meeting rooms to reduce the chances of insider hacks. You should use identity and access management (IAM) software to:

  • set specific access restrictions on accounts and files,
  • physical security systems (e.g., surveillance cameras and biometric scanners) to protect key areas of your facility. and
  • Security training

Training in security must also be provided to all casual workers during orientation. This means dedicating an hour to inform staff about the various online scams, safe web practices, and your company’s wire transfer protocols.

Risk #3: Employees on holiday

Much like remote workers, employees on leave could connect to unsecured Wi-Fi hot spots, enabling hackers to intercept sensitive information. USB charging points at airports and train stations can also contain dangerous malware.

What’s worse is Australian organisations see a 30% increase in attempted attacks during the holidays. This is worrying because employees are more likely to let their guards down when they’re on vacation.

Solution: To mitigate these threats, you should strongly discourage employees from taking work files and devices on their vacation. If they absolutely need to work remotely, employees must avoid connecting to public Wi-Fi hot spots or use encryption software.

The single-most effective strategy to reduce cyber risk, however, is regular security training. If employees are aware of the latest threats and are cautious of every link, website, and charging point they come across, your business will be safe no matter where your employees are.

It’s clear that avoiding all these risks requires cutting-edge security tools. If you have remote workers, casual staff, or employees about to go on holiday, Empower IT Solutions can help.  We offer robust MDM systems, IAM software, and cyber security services. Call us today!