Advancements in cloud solutions and collaboration tools in recent years, coupled with the necessity of going remote due to the pandemic, have empowered today’s workforce to choose where they want to work. While the ability to work from anywhere—home, the library, coffee shops or even the beach—gives employees increased flexibility, the shift from the traditional office setting has exposed security and logistical concerns. Remote workers often access sensitive information from unsecured devices and networks, which can result in compromised data and failed privacy compliance. It’s essential for remote workers to practice online safety to minimize the cybersecurity risks to their organizations.

Understanding the Risks of Remote Work

It’s undeniable that the freedom to work from anywhere is an employee perk that organizations must adapt to. Here’s a breakdown of some of the risks of working remotely and what companies can do to keep their sensitive information secure, even when outside the safety of their four walls:

Know the Risks of Online Connectivity and Collaboration

Office closures and working-from-home mandates due to COVID-19 permanently changed the way we look at workplace connectivity. A recent Fenwick poll among HR, privacy, and security professionals across industries noted that approximately 90% of employees now handle intellectual property, confidential, and personal information on their in-home Wi-Fi as opposed to in-office networks. Additionally, many are accessing this information on personal and mobile devices that often do not have the same protections as company-owned devices. The elevated number of unprotected devices connected to unsecured networks creates weak areas in a company’s infrastructure, making it harder to protect against hackers.

One technology your organization should be especially diligent about is video conferencing software. Hackers can infiltrate video conferencing software to eavesdrop on private discussions and steal vital information. Many disrupt video calls via brute force, where they scan a list of possible meeting IDs to try and connect to a meeting. Others seek more complex infiltration methods through vulnerabilities in the actual software. Up until recently, Agora’s video conferencing software exhibited these same vulnerabilities.

Hackers will usually try to gain access to these network vulnerabilities by targeting unsuspecting employees through phishing scams which can lead to even greater consequences if they manage to insert malware or hold your data for ransom. Without proper training on how to avoid these threats, many employees wouldn’t know how to handle the impact should they become the target.

Take Greater Care When Working Remotely

Whether you’re connecting from home or from another remote location, it’s critical to practice the same level of care as you would in the office. Here are some quick and essential security safety habits every remote employee should practice:

Don’t Go Phishing

Phishing is one of the most common methods hackers will deploy to target unsuspecting employees to access sensitive data. In fact, over 63% of Canadian IT executives in a recent poll indicated that ransomware and phishing were the top security concerns for their organizations. Here are some ways you can spot a phishing scam:

  • If you receive an email, text, or phone call prompting you to take immediate action and log in to an account, make a payment, confirm personal information, click on a suspicious link
  • If the link doesn’t match the actual text in an email (hover over it with your cursor to check)
  • The message is poorly written or the company logo looks odd
  • The name of the sender doesn’t match the email domain or the email domain contains errors

Adhere to Company Policy and Standards

Ensure you understand your company’s policies and confidentiality agreements when it comes to sharing files, storing documents, and other online communications. Use company-approved cloud applications that follow strict security standards to avoid inadvertently exposing sensitive company information through unsecured means. This measure can also apply when using video conferencing software. Limit the amount of sensitive information shared via video conferencing platforms and through messaging features just in case uninvited hackers are eavesdropping.

Separate Personal and Business Devices

We may have brought work home with us, but nonetheless, we must strive to maintain a work/life balance and set boundaries between our personal and work life. Setting these boundaries makes it easier to separate the technology we use in our life as well. Avoid sharing your company’s devices with family members who are not aware of the best security practices, especially children. Also, keep personal accounts separate from company accounts to prevent sharing information through personal channels.

Leverage Security Software Tools

Given the flexibility to truly work from anywhere, ensure you are connected to a secure network when not connected to your home’s password-protected Wi-Fi. When connecting to an unfamiliar network, always use a VPN to encrypt data and safely share files across the internet, preferably the one your company uses, or check with your IT resource. Take preemptive measures to mitigate exposure by installing antivirus software and firewall protection to scan files and systems and protect against harmful viruses regularly.

Make Security a Priority When Working Remotely

While the COVID pandemic has sparked a remote work movement that has changed the way we look at the conventional workplace—introducing greater flexibility and the opportunity to work from anywhere—remote work is well on its way to becoming a permanent fixture in the lives of many. However, the number of employees dispersed across cities and even countries have made it more difficult to secure endpoint devices such as laptops and mobile devices. Moreover, the risk posed by unsecured networks only increases the vulnerabilities of remote workplaces. As more workplaces embrace the benefits of a fully remote workforce, we will need to give more thought to how we can facilitate a secure workplace that is collaborative yet protected. By increasing awareness of potential cyber threats and enhancing security standards for devices and home networks, we can begin to create a safer and more efficient workplace.

To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, subscribe to our email, listen to our podcast Hackable?, and ‘Like’ us on Facebook.