As flexible work arrangements expand over the summer months, cybersecurity experts are warning businesses about the risks associated with remote and ‘workation’ models, particularly when employees access corporate systems from unsecured environments.
According to Andrius Buinovskis, Cybersecurity Expert at NordLayer – a provider of network security services for businesses – working from abroad or outside traditional office settings can increase the likelihood of data breaches if not properly managed. The main risks include use of unsecured public Wi-Fi, reduced vigilance against phishing scams, use of personal or unsecured devices, and exposure to foreign jurisdictions with weaker data protection regulations.
Devices used outside the workplace are also more susceptible to loss or theft, further raising the threat of data exposure.
• Strong network encryption — It secures data in transit, transforming it into an unreadable format and safeguarding it from potential attackers.
• Multi-factor authentication — Access controls, like multi-factor authentication, make it more difficult for cybercriminals to access accounts with stolen credentials, adding a layer of protection.
• Robust password policies — Hackers can easily target and compromise accounts protected by weak, reused, or easy-to-access passwords. Enforcing strict password management policies requiring unique, long, and complex passwords, and educating employees on how to store them securely, minimises the possibility of falling victim to cybercriminals.
• Zero trust architecture — The constant verification process of all devices and users trying to access the network significantly reduces the possibility of a hacker successfully infiltrating the business.
• Network segmentation — If a bad actor does manage to infiltrate the network, ensuring it’s segmented helps to minimise the potential damage. Not granting all employees access to the whole network and limiting it to the parts essential for their work helps reduce the scope of the data an infiltrator can access.
He also highlights the importance of centralised security and regular staff training on cyber hygiene, especially when using personal devices or accessing systems while travelling.
“High observability into employee activity and centralised security are crucial for defending against remote work-related cyber threats,” he argues.
