Mobile workforce using public Wi-Fi and unsecured home networks is a serious security hazard, warns cybersecurity expert.
The pandemic forced millions of workers to leave their offices and work remotely, creating new cybersecurity challenges for companies globally.
Cybercriminals took notice, causing companies to experience record-setting losses brought about by data breaches.
However, remote work is not a passing phenomenon - according to Gartner, 51% of knowledge workers will work remotely by 2022, which is a 24% increase when compared to 2019.
If remote work meant working from home at the beginning of the pandemic, it is now changing towards working from anywhere. Cybersecurity-wise, this means that an increasing number of workers will access their work networks through vulnerable networks, and additional security measures have to be put in place to mitigate the connected risks.
WFA: the dangers of public Wi-Fi and unsecured remote locations
The switch to home offices left managers dealing with several cybersecurity threats stemming from unsecured home devices and networks, as well as unprotected internet traffic.
When the majority of employees work from a single location, there is only a need to protect the main network - which is less demanding than protecting as many endpoints as there are employees.
The problem becomes even more evident once employees are not working from a fixed location like home but are, for example, traveling while working and have no choice but to use public internet access.
"Adapting to working from home was a challenge to cybersecurity personnel everywhere, but the growing trend of working from anywhere entails a new set of threats to consider," said Algirdas Sakys, Information Security Manager at NordLayer. "Working from anywhere usually means using unencrypted public Wi-Fi, which can lead to information being intercepted, malware being distributed. There is an array of ways in which hackers exploit unsecured public networks, and businesses have to adapt their cybersecurity strategies accordingly."
The Castle-and-moat approach to cybersecurity is no longer viable
Since every remote employee is a potential threat to the integrity of a given company's data, businesses are shifting their cybersecurity strategies away from the castle-and-moat approach. Now, network security solutions based on the Zero Trust principle are replacing traditional, static defense strategies.
In the Zero Trust framework, the given network is protected by granting users and devices access to only those parts of the network that are essential to their task. In such a system, every user is authenticated before being allowed to access the needed data through an encrypted tunnel. Because of this, even if a device gets compromised, it can't cause network-wide damage.
Organizations that have Zero Trust-based system in place enhance their cybersecurity in three key areas: secure access, secure browsing, and increased cybersecurity training opportunities, added the NordLayer expert:
"First, a comprehensive security framework of this kind allows the remote employees to safely connect to the company network without putting the whole network at risk. Second, web browsing becomes considerably safer, allowing cybersecurity personnel to ensure employee browsing habits are not potentially harmful to the company. Finally, due to the automated nature of Zero Trust-based systems, managers gain more time to educate their personnel on best cybersecurity practices, which is crucial because defrauding humans is one of the chief enablers of successful cyberattacks."
- Read more about Digital Transformation @ www.fieldservicenews.com/digital-transformation
- Read more about Cyber Security on Field Service News @ www.fieldservicenews.com/cyber-security
- Read more about the impact of COVID-19 on FSN @ www.fieldservicenews.com/covid-19
- Find out more more about NordLayer @ nordlayer.com/
- Learn more about NordLayer @ twitter.com/NordLayer