Cybersecurity in the hybrid workplace

There has been a radical shift in work locations and patterns since the before the Covid19 pandemic. The resulting cybersecurity implications are huge and organisations need to take extra steps to reduce risk, writes Managing Director Consulting, Jon O’Brien.


Cyber Awareness Month offer: sign up for a free scan from Trillion™- the corporate credential leak detection tool - and see if your employees' email addresses are being traded on the dark web


The number of people in remote-capable jobs who are exclusively remote working increased from 8% pre-pandemic to an anticipated 24% in 2022 and beyond, according to GALLUP data. For hybrid work patterns there was a similar increase from 32% to 53%, and fully onsite working decreased from 60% to 23%. The result is a radical increase in a company’s cyber threat surface and a need for new processes, policies and protocols to mitigate heightened cybersecurity risk levels.


Remote working has created a lot of opportunity and flexibility, but there are also risks to consider.


Working from home increases the risk of sensitive information falling into the wrong hands because employee behaviour and cyber-hygiene is much harder to control outside of the office. Employees are much more likely to use unsafe Wi-Fi networks, use personal devices for work, share devices with family members, or use unencrypted means file sharing, for example.


The answer is to have the appropriate controls and policies in place as an organisation and make sure they are implemented and followed across all departments and teams. And, above all, employee education is critical.


Here are a few tips to help make sure employees stay safe while working away from the office:


  • Always lock your computer screen when away from it, pressing Windows key + L (or control + command + Q) makes this really easy to do.


  • Where possible reduce the amount of physical documentation carried. These are much more likely to be lost and could results in a serious data breach.


  • Public Wi-Fi is generally safe to use if you’re just browsing websites or watching videos. Just don't use it for anything you wouldn’t want other people to see. If you need to view or send sensitive information, or access any account that requires a password, tether from your phone or use a VPN


  • Take care when speaking on the phone in public. You never know who is listening


In general, whether your employee is working from the office or not, they need to be cybersecurity-wise. Make sure they are trained and up to date on the how to spot security risks. Remind them of the following basics for staying safe online:

  • Always use the latest version of your chosen/permitted Internet browser


  • Use favourites/bookmarks to access your most regularly used sites to reduce the likelihood of misdirection


  • Consider the use of ad blocking plugins


  • A padlock doesn’t necessarily mean a website is safe. Make sure you check the website’s URL


  • If you’re ever unsure about the legitimacy of a website, stop! Google it and follow the link provided to reach your destination.


Further reading: Becoming Cyber Essentials certified


Cyber Awareness Month offers:


Sign up for a free scan from Trillion™- the corporate credential leak detection tool - and see if your company email addresses are being traded on the dark web.


Free Cyber Essentials pre-assessment. Self-assess your cybersecurity alignment with the UK Government’s Cyber Essentials scheme.


For more information contact the Crossword Team.