The Covid-19 pandemic has changed the way many companies work. According to a study from IDG, 78% of employees have been working from home more than 60% of the time during the pandemic. Many of those employees may continue to do so indefinitely; according to recent reports, several companies are planning to maintain remote workforces even after the pandemic.
While going remote keeps costs down and lowers some risks — such as the risk of an active shooter on site – there are other security concerns you’ll need to be aware of if your team is working from home.
Ask the Expert: Are grants available to help with security?
5 security concerns to be aware of with a remote workforce
1. Cyber threats and information risk
While the physical risks of the workplace – assault, active shooters and physical robberies — are reduced by a remote workforce, the risks of attack by cyber criminals are increased. Most of your employees don’t have access to the secure equipment, firewalls, and IT department the way they do in an office setting, and bad actors know this. Hacks and breaches have risen since employees were sent home for the lockdown in late March. The Identity Theft Resource Center reports an uptick in unauthorized access to data in its latest report for 2020. A single breach can cost your organization big – a breach costs a company an average of $3.92 million, according to an annual report put out by the Ponemon Institute and IBM. That cost, which can often be shouldered by a large company, is enough to put a small organization out of business.
How can you avoid it? By making sure your IT and information security teams are vigilant, by training your people to recognize phishing scams and observe basic cyber hygiene practices, and by keeping current on the sorts of attacks that criminals are using to target organizations.
While information theft by hackers is one thing, remote employees are also vulnerable to traditional theft. This can take the form of a break-in; if criminals break into an employee’s home and steal a laptop issued to them, that’s certainly a security concern. It can also take the form of intellectual property theft.
When your employees are in the office, you have some control over who sees your intellectual property. When they work from home, you don’t know that they haven’t invited a reporter into their home to show them the latest design of your newest prototype.
You have to have a certain level of trust in your employees when they work remotely, but you also have to have policies and NDAs in place so that they know exactly what the consequences are for intellectual property theft.
Intellectual property theft isn’t always nefarious. Employees often reveal proprietary information without meaning to do so. This happens in offices as well; a group of coworkers may take a selfie in front of a project they’re working on and post it on social media.
When your workers are remote, the chances of unauthorized eyes finding your work is multiplied by however many households your team is living in. Visitors come over and see things by accident, spouses and kids borrow computers — there are many opportunities for carelessness to become a security risk. To combat this, make sure your team is trained to be compliant with best confidentiality practices, and invest in a solution that helps you stay on top of social media so that no intellectual property is accidentally released in a selfie.
4. Work-issued equipment
When your workforce is in an office, physical equipment is simple: they come to the office, work with the equipment there, and go home. But when they work from home, the line can become blurred. You need to have a very clear understanding of what equipment your team is using, if they return it upon termination, and the condition in which you expect it returned.
This isn’t just important for the sake of inventory. It’s also important from an insurance standpoint: will you need a rider on office equipment you provide? What happens in case of theft or fire? You’ll need to answer these questions when your workforce is remote.
5. Your team’s work-life balance
Not everyone is cut out for remote work. Working from home takes discipline in the most normal of times, and the pandemic has not been normal; people’s families are home and your workers may not be able to balance their work and life well at first. This is especially true for people who have never worked from home. They may be interrupted often, or become frustrated. They may have a hard time drawing boundaries between their work and their family life.
As an employer, this is where you need to define your company culture and your policies. Are you okay with interruptions from family members during meetings, for example? Do you allow family members to use the devices you provide? What should you do if you suspect your employee is caught in a situation of domestic abuse? Should you think of your employees as workers, or write your policies to take care of them as a whole person?
Ask the Expert: What can fire extinguishers tell you about an organization’s risk?
Getting started (securely) with a remote team
There are a lot of pros to having a remote workforce, but there will always be risk. If you’re considering going remote, it’s time to perform a risk analysis for both scenarios — an in-house workforce and a remote team — so you can really understand the risks involved and make your plans accordingly.
Want more important security information and news delivered straight to your inbox? Subscribe to our blog.