Future Of Work: Sloppy Cyber Hygiene Brings ‘Zero Trust’ Security Models Into The Workplace

Published on September 3, 2021 - By Emma Ascott

• Without the proper tools and training in place, people working from home are more vulnerable to cybersecurity attacks. 
• 52% of compliance leaders said that third-party cybersecurity breaches were their biggest concern with remote work.    
• Reports have found that home distractions are a major cause of security errors. 

The workplace has had to undergo serious changes in a short period of time to keep up with safety guidelines due to the pandemic. With many workplaces transitioning to remote and hybrid models, the convenience of working from anywhere is also increasing the risk of cybersecurity breaches. 

According to Accenture, 63% of high-growth companies have already adopted a hybrid model, and 83% of workers prefer this model – but it poses an unprecedented, heightened security risk.  

“Security is even more important now. It’s key not just for Fortune 500 companies but for people who want to work in a third place. They’re hopping around. Security, privacy, and data protection is critical,” Jeremy Bernard, CEO North America at essensys, said during a webinar hosted by GCUC earlier this year.  

Network security: Protecting the data flying around a network, including Wi-Fi, wired, and internet connections. 

According to research from Gartner, 52% of compliance leaders said that third-party cybersecurity breaches were their biggest concern with remote work.  

“Remote working has been hastily adopted by suppliers to keep their business running, so it’s unlikely every organization or employee is following best practices,” said Vidhya Balasubramanian, managing vice president in the Gartner Legal and Compliance practice.  

What are some of the top cybersecurity risks of a hybrid workplace? 

1. Companies are increasingly relying on cloud technology and the use of remote connectivity tools like VPN. Cyber-attacks on cloud services have grown more than 600% while hackers continue to exploit vulnerabilities in VPN gateways. 

2. There is no physical security and monitoring of virtual workspaces. Effectively managing the information lifecycle is vital, as holding data for longer periods of time is both a high-risk policy and a liability. 

3. Home distractions are a major cause of security errors (nearly half of UK and US employees have made errors leading to cybersecurity breaches). Workers are prone to social engineering scams, and Google registered a record two million phishing websites in 2020. Ransomware attacks increased by seven times more than normal.  

Clients expect effective security measures that keep their data safe. Companies with a poor cyber security record can expect their customers to move to another competitor. 

Cyber hygiene + best practices to avoid putting the business at risk

Developing security tools and techniques that have cybersecurity built-in as well as ongoing security awareness training that helps workers recognize threats and avoid them will become instrumental in fighting this troubling trend. 

Once performance gaps and potential vulnerabilities are identified, technology and tools must also evolve with priority areas. Useful technologies that have emerged include zero-trust architecture, User and Entity Behavior Analytics and Virtual Desktop Infrastructure. 

With employees working from two (home, office) or more locations each week, how do coworking spaces and companies keep their networks secure to prevent data breaches? 

• Zero-trust security models: These treat everyone as potential threats and require verification before providing someone with access to data, which helps workers avoid challenges involving security. 
• Adaptive security models: This is a proactive approach to a network’s security in which threats are continuously monitored; the network adapts to threats before they happen. 
• Network segregation models: This includes separate VLANS and networks for a wired network for different users and shared resources. This model authenticates members and separates them from guest users on a Wi-Fi network.  

“Proper network segmentation and a zero-trust security model for all user devices are key components in securing both coworking and flexible space IT networks, both of which we implement at Convene,” Paul Di Santi, director of corporate IT & Infrastructure at Convene told Allwork.Space. 

From the customer that just needs “really fast Wi-Fi” all the way to the enterprise customer whose internal compliance demands segregated infrastructure, coworking providers must be prepared to serve these customers and all that fall in between.  

“This will require infrastructure designed for customer network segmentation (both physical and virtual) along with secure network access control that challenges all devices for unique network credentials that will automatically place devices on the proper network,” Di Santi said.  

Without the proper tools and training in place, people working from home are more vulnerable to cybersecurity attacks. Now is the time for companies to invest in security testing and monitoring instead of waiting for a serious data breach to occur.