Many Americans now work from home, meaning they make video conference calls, upload documents and conduct their daily business online from off-site locations. But experts wonder if the remote nature of work could cause internet security concerns.
While most workers are used to working at the office under carefully crafted IT systems, it’s impossible to quantify the number of permutations of home internet setups. Whereas one household might have a simple solution that works for their family, another household might have a virtual private network (VPN) subscription in place to mask their internet usage from prying eyes.
To help reduce the security risks associated with working from home, we’ve collected some tips from experts on steps that employers and employees can take to fortify digital workspaces.
It can be difficult to pin down the precise number of U.S. workers in a hybrid or remote work arrangement, but one thing is clear: That number is growing. One estimate, based on a study conducted by researchers at Stanford University, suggested that remote work accounted for 25 percent of all paid workdays in the U.S. in 2022.
Numerous projections anticipate hybrid and remote work as a growing trend. For example, an Upwork survey of hiring managers estimated that by the end of 2025, more than 36 million Americans will work from home regularly.
But that boom in hybrid and remote work introduces additional cybersecurity threats. It can be more difficult to govern which devices remote employees use to connect to company networks and what other activities these users perform on those devices. It also means the security of their home networks — not just the connection in a company’s workplace — matters as well.
The challenge then becomes training remote employees on proper cybersecurity practices and creating a policy for how to ensure those best practices are being followed.
“Remote employees are not trained on data privacy regulation and risk exposing sensitive information to a data breach,” said Barbara Rembiesa, president and CEO of IAITAM (the International Association of Information Technology Asset Managers). “Without proper IT asset management, there are major dangers that must be mitigated.”
Luckily, there are a few steps that users and employers can follow immediately to drastically improve the overall cybersecurity of the organization.
As remote work grows, employees’ digital behavior, including the devices they use and how they use them, becomes harder to govern. Prioritizing cybersecurity education and establishing policies to maximize data security should be top priorities for every business with remote employees.
When it comes to improving cybersecurity, both individual users and employer organizations must work together. Users should follow cybersecurity best practices, and employers should enact IT policies that defend company networks and proprietary data.
Although the consequences of remote employees’ poorly secured data can have severe impacts on a company and its customers, there are steps that users can take to ensure the worst doesn’t happen:
There are even more cybersecurity risks when employees are traveling. Check out our guide to cybersecurity while traveling if you have any upcoming business trips planned and want to ensure your data is safe.
While a lot of these steps can be taken by individual workers, companies should enact policies and take measures to further shore up their remote employees’ defenses.
“It is not too late for CEOs and others in charge of companies to take steps to get these risks under control, and to protect their data and that of their customers,” Rembiesa said.
If you’re considering using employee monitoring software, learn about the laws and ethics of monitoring employee activity first. Make sure you develop a legally compliant policy and enact it in a way that supports employee morale and the company culture you want to build.
With cybersecurity, you don’t just set it and forget it; it’s an ongoing, evolving activity that is vital to the longevity and survival of a business. Remote work introduces new and increasingly important elements into the cybersecurity puzzle, and both businesses and employees need to be prepared to address those challenges. That requires improved cybersecurity training for individuals, enhanced monitoring capabilities for businesses, and proper IT oversight of company networks and all devices connecting to them. While these steps represent an investment, they’re far less costly than dealing with a data breach or compromised network, so consider reviewing your cybersecurity plan today.
Tejas Vemparala also contributed to this article.