The Challenge of a Mobile Workforce on Cybersecurity

Man working remotely at home outside

When the COVID-19 pandemic erupted in the spring of 2020, much of the US workforce was sent home and technology support needed to react quickly to help support a mobile workforce but simultaneously protect organizations from threats of cyberattack. This was not an easy task. And the threat was real as we’ve observed a nearly 500% increase in ransomware attacks since the start of the pandemic. Reasons that working from home (WFH) can be a challenge for IT teams in protecting a company’s data and assets can be, but aren’t limited to, the below: 

  • Insecure Wi-Fi. When employees are working at home or in a public location, a company has little to no control over the network they are using. This can be dangerous and may leave room for hackers to compromise company systems. With so many different configurations and setups, this is a nightmare for IT to manage and ultimately have control over. 
  •  Personal devices. While this isn’t solely a reflection of the work from home movement, there is an increasing number of employees that utilize work data from their personal devices. Again, for the same reasons as unknown wi-fi networks, this can be a challenge to support and protect. 
  • Physical proximity. In a typical working environment, if a suspicious activity is observed, such as an email that may have been a phishing attempt, the employee can physically ask the colleague if they have sent this suspicious email. With more working from home, that simple exercise becomes more of a challenge to debunk. 


While there is no way to completely eliminate the risk of cybersecurity threat, even when employees are working in the office, it’s important to be diligent and intentional about cybersecurity with a mobile workforce. Here are some ways that can help lower the risk with a remote workforce

  • Work from home feasibility. Business leaders are in the midst of making decisions about whether or not to continue work from home practices ongoing. This discussion often circles around productivity or employee morale but when making this decision, leaders should consider security as well. This is not to say it shouldn’t be done but it should be a factor. And if it is deemed the right step to take for the employees to place emphasis on cybersecurity when considering whether or not remote work is right for their company as well as what protections should be put in place if remote work is pursued. 
  •  WFH security policy. If it is not in place currently, employers should develop a work from home security policy for all employees to abide by. This would include which roles should be work from home eligible and which would not. The policy would also cover the tools and platforms that the employees should be using along with if they should be using a virtual private network (VPN). Lastly, the policy would articulate what an employee should do if a threat is observed. 
  • Employee education. This cannot be stressed enough. Because human beings don’t learn something after only hearing the material once, employees should be educated on working from home security practices frequently and in different ways for better retention. 
  • Multi-factor authentication. While this is not a unique practice just for working from home, continue to implement practices that include having multi-factor authentication (MFA) in place for all systems that need authentication.
  • Ever-evolving strategy. As cyberhackers become more sophisticated in their approach and recognize gaps such as increases in employees working from home, it will be imperative to continuously reevaluate the work-from-home policies and procedures to ensure the company and employees are remaining as safe as possible. Unfortunately, the prevention methods need to be more dynamic and nimble to stay ahead of cybercriminals.

Despite the challenges of a mobile workforce, it is not all bad news. It makes sense that as more and more people are working remotely from home or on the go, we’ve seen an uptick in cybersecurity threats. The pandemic has created many difficult situations but one thing it has taught us is how important communication between employer and employee really is when dealing with any type of crisis situation. The mobile workforce brings with it new challenges, such as cybersecurity gaps that can lead to data loss. If you need help assessing gaps in your remote working security or ensuring your company can mitigate risks that may arise from these changes, reach out today. Our team at Firefly would love to partner with you so that we can provide you with all of our expertise on this topic and make sure your business stays secure even as more employees are employed remotely.

 

Author avatar
Adam Jones