Ninety-nine percent of employees polled in Buffer’s 2019 State of Remote Work survey expressed interest in working remotely for at least a portion of their careers, citing a flexible schedule as the top benefit. However, companies offering more remote work opportunities in response to the growing demand face security challenges unique to managing a mobile workforce and must respond accordingly to prevent unauthorized network access.
Risks of Remote Work
Allowing employees to access company data from offsite locations raises concerns about data encryption, the security of wireless connections, use of removable media and potential loss or theft of devices and data. In a 2018 survey by Wi-Fi security company iPass, 57% of CIOs reported they suspect their mobile workers had been hacked or were the cause of security problems. Only 46% percent could be “confident” their remote employees used virtual private networks (VPNs) to increase security when connecting to company networks.
The same survey showed remote workers lack an understanding of the severity of common security risks. Sixty-two percent of security incidents related to Wi-Fi connections happen when employees use networks in cafes or coffee shops, and 27% of workers in the U.S. admit to opening emails and attachments from unfamiliar senders. Devices are often compromised as a result, putting both personal and company data at risk.
The Need for Better Remote Access Policies
Unfortunately, many business owners don’t understand the requirements for a robust remote access policy. Access needs and practices are changing among all workers, not just remote employees, and professional guidance is becoming essential to prevent serious problems like identity theft, data breaches and data loss.
IT and cybersecurity professionals can evaluate the security risks companies face and develop customized protocols to minimize these risks, but 44% of companies aren’t bringing the pros in to help. Therefore, many executives may miss key insights into potential vulnerabilities and fail to implement proper protection for remote workers.
Separating Personal and Work Data
The problem of mobile access security isn’t new. An increasing number of employers have adopted bring-your-own-device (BYOD) policies in recent years, and 69% of “IT decision-makers” think doing so a good idea. Sixty-seven percent of employees are using personal devices at work, which means employers should already have security measures in place to deal with the potential threats of mingling personal and work data.
Issuing company devices is a straightforward way to minimize risk, as it ensures corporate data remains separate. However, the majority of young employees feel their own devices are “more effective and productive,” so employers may have to take a different approach to maintain satisfaction among remote workers. Mobile device management (MDM) apps present an alternative, allowing companies to create gated access to data and perform remote locks or wipes if devices are lost or stolen.
Establishing a Secure Environment
Seventy percent of companies consider public Wi-Fi to be a top concern for security, yet 61% know their employees still use these connections for work. To reduce the vulnerabilities associated with public Wi-Fi networks, employers can:
• Ban the use of unsecured wireless connections
• Use geolocation to restrict the places from which company networks can be accessed
• Set up and require the use of a VPN for remote work
VPNs may be the least complicated to implement and enforce, as these networks don’t have the potential to compromise employee privacy and don’t restrict where remote employees can work. Reliable VPNs offer end-to-end data encryption and shield IP addresses to increase security on all types of connections.
Committing to Ongoing Education
Users remain largely unaware of the potential security risks of their actions or how these actions could compromise their employers’ networks. A whitepaper by Cisco Systems revealed only about half of workers who use personal devices to access company data have proper security installed on their devices, and many more engage in risky behaviors, including:
• 46% download personal files onto work devices
• 29% use personal devices for work without worrying about safety
• 21% allow other people to use their work computers
Despite this, the majority of remote employees still believe they’re working securely. This signals a disconnect between understanding the importance of security and the ability to implement critical security measures. To bridge the gap, employers must establish training and education programs informing all employees of security best practices and provide the tools and support to put them into operation.
With diligence and a focus on mobile security, businesses can support a remote workforce while maintaining secure network access for all employees. Learning to recognize and respond proactively to potential threats allows companies to benefit from the 35 to 40% increase in productivity made possible by remote work and continue to provide employees with the benefit of a more favorable balance between their personal and professional lives.