Mitigate the Cyber Security risks of Remote Working

Embrace Home Working

Protecting your organisation against cyber threats when employees work outside the office can be daunting. Not only does remote working massively increase the surface of attack, it also renders many traditional controls, designed to protect workers inside the confines of a traditional network, ineffective.

Read on to learn more about the challenges of home working security and how to reduce your cyber security risk.

Lets Talk

Contact Us

logo mobile

    remote working

    Remote working security risks

    Defending a vastly increased attack surface

    When employees work from home, an organisation’s traditional network perimeter is dissolved, meaning there is a much larger surface area to protect. This not only increases risk, but also the workload of security teams.

    Identity and access management

    When many different users and devices connect to a network from remote locations, it can be very difficult to know which access requests can be trusted. Amongst an increased level of noise, preventing and detecting unauthorised attempts to access networks, systems and data is a challenge.

    Use of employee-owned devices

    When employees use a combination of business-owned and personal devices to access corporate networks, the task of identifying trusted devices becomes even harder. Many organisations have BYOD policies, but don’t ensure that information security policies are updated accordingly.

    Perimeter security is less effective

    When employees work from home, devices no longer sit within the boundaries of a well-defined perimeter. This means that existing network security controls such as firewalls are unable to provide the same level of protection.

    Reduced threat visibility

    When devices are used to access networks from remote locations, threat detection becomes even more challenging. Security teams often lack visibility of user and device behaviours, and also struggle to differentiate between regular and anomalous activity.

    Managing cloud security and applications

    When employees work from home, organisations are increasingly reliant on cloud platforms and SaaS applications to ensure staff remain productive and can collaborate effectively. It’s common for cloud workloads to be misconfigured and employees to use unapproved software.

    Security tips for remote working

    Key ways to improve work at home security and reduce your organisation’s cyber security risk:

    • Implement multifactor authentication across all accounts
    • If bandwidth allows, encourage staff to use a VPN at all times
    • Review the security and privacy settings of collaboration tools
    • Enable audit logging when using platforms such as Office 365
    • Ensure employee devices are protected with the latest endpoint security
    • Use DMARC and SPF to help identify email phishing attacks

    Expect Great Things from
    Digidude Web Design

    Make the Right Choice for Your Future. Choose Digidude!

    Subscribe for Newsletter

    Grow Your Business with Our Web Design Agency


    Remote Working Security FAQs

    When organisations allow their employees to work from home, many of the protections that they rely on in the office no longer apply. Remote working means that the traditional security perimeter is diminished, but with the surface of attack is greatly expanded as a result. Organisations that support remote working must ensure that employees can continue to access the systems and data they need but in a way that is safe and secure. This can be particularly difficult when endpoint devices accessing a network are not security hardened and there is a lack visibility of devices that are in use. Common remote working security risks include lack of threat visibility, insecure configuration of VPNs and access controls, cloud misconfigurations, and use of unsecured employee devices.

    Reducing the security risks of remote working requires a mullti-layered approach, encompassing a range of controls and procedures to help prevent, detect and respond to threats. Hardening endpoint security, proactive network and endpoint monitoring, enforcing access management controls and conducting regular employee cyber awareness training are just some of the measures organisations can take to improve work at home security.

    There are a number of actions that employees can take in order to work more securely outside of the office. Security tips for remote working include reviewing the security of home networks, exercising additional caution when opening and receiving emails, using password management tools to set strong account passwords, keeping antivirus software up-to-date, and saving files to a network rather than devices directly.

    Cybercriminals are exploiting a rise in remote working by designing attacks that specifically target home workers. When employees work outside of the office, many of the controls that would protect them inside the office are less effective. Employee behaviour can also change – in a more relaxed home setting, employees may not exercise the same caution as they would in the office, leading to risky browsing behaviours. Criminals seek to take advantage by increasing endpoint focused attacks, which, in many cases involves social engineering.