Remaining Secure in a Hybrid Environment
With restrictions lifting across the country, some companies are opting for a hybrid operations model. But maintaining onsite and remote teams presents unique challenges, particularly around digital security. If you’re considering a hybrid work environment in a post-pandemic future, find out how to stay protected and navigate a secure path forward.
As the Covid-19 pandemic finally begins to loosen its stranglehold on U.S. businesses, most companies are eager to return to pre-pandemic business activities. But after nationwide shutdowns forced millions of businesses into remote operations, leaders who witnessed the benefits of a remote workforce first-hand are reconsidering whether that includes bringing everyone back into the office.
Aside from the cash savings resulting from fewer office and parking spaces, there are lower costs for office equipment, stationery, and other onsite inventory.
The increased demand for remote employment on both sides of the conference table is leading many companies to consider a hybrid operational model moving into the post-pandemic future. Rank and file employees have become so partial to the flexibility afforded by remote work that nearly 30% of the professional workforce are threatening to quit if required to return to the office.
But the transition to long-term hybrid business models presents unique challenges for businesses, particularly in digital security. Digital crime is at a record high, with high-profile incidents like the Colonial Pipeline vulnerability making headlines almost every week.
Companies looking to take advantage of the benefits offered by a hybrid working model can avoid common cyber-pitfalls and digital vulnerabilities that can result in disaster if they strategize accordingly. Here are some of the most common cybersecurity issues and what you can do to remain secure in a hybrid workforce environment.
Problem – Phishing
One of the methods used to breach business network systems is phishing, a tactic used in digital identity theft to trick people into compromising security by interacting with fraudulent emails and other communication. This typically involves using embedded links or seemingly legitimate requests for a response.
A great example is an email designed to look like banking correspondence, informing the recipient that their account security has been compromised and requesting that they follow an embedded link to reset their account password. By interacting with the email, individuals unknowingly put themselves, and by extension their organizations, at risk. The banking information may not be the end goal at all, as these phishing expeditions could be used solely as an avenue for access to a more extensive criminal prize.
Phishing isn't just a remote or hybrid concern; it's a critical concern across the board and affects every industry. Worse, cybercriminals increasingly specialize in targeted areas of criminal expertise within a more extensive network. Once access to valuable systems is secured, they'll sell that access to others specializing in digital extortion.
Solution – Training
The profound benefits of employee training cannot be overstated when it comes to digital security in a hybrid work environment. Investing in workforce training is an investment in the longevity of a business. Employees need to know what to look for so they can identify phishing threats and learn how to respond to phishing attempts.
As these phishing expeditions become more and more sophisticated over time, employee cybersecurity training should be a routine endeavor and, as part of your cybersecurity plan, performed at regular intervals throughout the fiscal year.
Problem – Independent Devices
Hybrid workforces also bring increased vulnerability through independent device usage: the flexibility to work remotely sacrifices some of the digital security furnished by onsite business hardware. Device independence means the end of perimeter security. VPNs alone do not solve this issue. VPN authentication services can be a critical component of a comprehensive cybersecurity strategy, but a VPN should not be the only tool your organization uses to keep its data secured, because the VPN stops functioning as a security measure once a device is authenticated.
Solution – Zero Trust
The problem of device independence has led many businesses to adopt a zero-trust architecture solution. Zero trust assumes that no implicit trust is granted to assets or user accounts based solely on their physical or network location. Put simply, zero trust architectures operate on a principle of least privilege, restricting user access by default.
This provides companies with an increased amount of control over user access through multilevel authentication and authorization, both for subject and device. In the event of a compromised independent device, cybercriminals will not automatically gain access to sensitive company systems. This should not be the only cybersecurity measure aimed at addressing the issue of independent device usage, but it is useful in a multifaceted cybersecurity solution for hybrid workforces.
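The contrast between the VPN-only model and the zero-trust model described above, as an added example (not code from the original article). The request fields, resource names and role mapping are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# Hypothetical policy table: resource -> roles allowed to reach it.
# Anything not listed is denied (least privilege, deny by default).
POLICY = {
    "payroll-db": {"finance"},
    "wiki": {"finance", "engineering", "support"},
}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    mfa_passed: bool       # subject authentication
    device_managed: bool   # device is enrolled with the company
    device_patched: bool   # device posture check
    on_vpn: bool           # network location
    resource: str

def perimeter_decision(req: Request) -> bool:
    """VPN-only model: once the tunnel is authenticated, everything is reachable."""
    return req.on_vpn

def zero_trust_decision(req: Request) -> tuple[bool, str]:
    """Evaluate every request: subject, then device, then per-resource authorization.
    Network location (on_vpn) is deliberately never consulted."""
    if not req.mfa_passed:
        return False, "subject not authenticated"
    if not (req.device_managed and req.device_patched):
        return False, "device failed posture check"
    if req.role not in POLICY.get(req.resource, set()):
        return False, "role not authorized for resource"
    return True, "allowed"

# Constructed sample requests.
REQUESTS = [
    Request("alice", "finance", True, True, True, False, "payroll-db"),     # remote, healthy device
    Request("bob", "support", True, False, False, True, "payroll-db"),      # unmanaged device on VPN
    Request("carol", "engineering", True, True, True, True, "payroll-db"),  # healthy device, wrong role
    Request("dave", "support", True, True, True, True, "hr-archive"),       # resource not in policy
]

def compare(requests=REQUESTS):
    """Return (user, perimeter verdict, zero-trust verdict, reason) per request."""
    return [(r.user, perimeter_decision(r), *zero_trust_decision(r)) for r in requests]

if __name__ == "__main__":
    for row in compare():
        print(row)
```

The VPN-only check admits the unmanaged device and refuses the legitimate remote user, while the zero-trust check does the opposite and also denies requests for resources or roles that the policy does not list.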
Problem – Mobile Devices
Another problem for a hybrid workforce is the increasing challenge of mobile device security. Smartphones, tablets, and other mobile devices that use downloadable applications are at risk of unknowingly compromising business security through hacking tools like spyware, viruses, and browser application exploits.
These security breaches are typically caused by "drive-by downloads," an industry term referring to any unintended/unapproved software download from the internet. While this problem is not new, the increase in mobile application downloads renews the risk of unintentionally downloading malicious software attached to these applications.
Did you know? There were over 218 billion mobile app downloads in 2020 alone.
While many are aware of the risk of malicious drive-by downloads, some may not understand how cybercriminals use these applications in the process of lateral access. 'Lateral access' refers to the process by which cybercriminals will move deeper into a network in search of valuable assets after gaining initial access. Through a variety of tools, hackers can move laterally through a compromised system by impersonating legitimate users.
Solution – Breakout Time
Although cybersecurity solutions should aim to prevent all unauthorized access to systems, a comprehensive solution will anticipate the impossibility of always being successful in this effort. To address the gap, businesses should adopt the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). This framework is built around five core functions: Identify, Protect, Detect, Respond and Recover.
NIST states, "These five functions were selected because they represent the five primary pillars for a successful and holistic cybersecurity program. They aid organizations in easily expressing their management of cybersecurity risk at a high level and enabling risk management decisions."
"Breakout time" refers to the amount of time that it typically takes an intruder to begin moving laterally through a compromised system after gaining initial access – security experts have estimated this time to be slightly under 2 hours. This means that businesses need the capability to detect, investigate, and contain a threat within the 'breakout time' to prevent the risk of stolen data or compromised assets.
Companies must take a proactive approach here, updating end-point security, prioritizing threats, and actively updating systems. Having dedicated experts who regularly monitor network environments will minimize the time spent aimlessly chasing false positives from security solutions and ensure that security teams can appropriately address the most dangerous threats within the breakout time window.
Businesses transitioning to a hybrid work environment can take advantage of the benefits of remote work and maintain their security profiles if they think strategically.
Being proactive instead of reactive lets businesses make the most of a hybrid environment and move successfully into the post-pandemic economy. Training staff, updating systems, and closely monitoring network activity are paramount parts of every comprehensive security plan; they will significantly impact your protection and help to ensure the safety of digital assets.