Mitigating security risks posed by hybrid working

Hands typing on a keyboard surrounded by security icons
(Image credit: Shutterstock)

The pandemic has almost certainly altered the way we work forever, with hybrid working increasing in popularity across many industry sectors. 

About the author

Nick Offin is Head of Sales, Marketing and Operations at Dynabook Northern Europe.

It has to be said that staff mobility is not a new concept for IT leaders, but the last couple of years has seen remote working go from an occasional benefit to a permanent reality.

The move to mobility

While the hybrid working model presents a range of benefits for businesses and employees alike, it also creates a headache for IT leaders, with significantly higher data security risk levels to contend with. To compound the problem, according to Deloitte, cyber-attacks are becoming increasingly sophisticated, with those using unseen malware methods rising from 20 per cent to 35 per cent since the outbreak of the pandemic led to a change in working practices.

It's no great surprise that the splintered nature of hybrid working has resulted in additional security threats but, with the adoption of the latest cybersecurity solutions, these new challenges can be met. That’s why, according to Gartner, worldwide spending on information security and risk management technology and services was predicted to grow 12.4 per cent in 2021 to $150.4 billion.

The cost of security breaches that come from hybrid working

But what about the cost to companies in the event of a successful attack? No matter whether the issues stem from a cybersecurity breach or a phishing attack, the impact can be far-reaching. As well as the purely financial implications, there are other less direct costs to consider. Data security breaches can inflict long-term reputational damage. Once news of the incident hits the public domain, customers can be lost, and sales impacted.

That’s not all, unfortunately. If sensitive data has been compromised by the attack, then organizations could also face fines and sanctions for breaching data protection laws. Then, of course, there’s the negative impact on staff morale to consider too.

The rise of cyber and phishing attacks caused by mobility and human error

The sharp rise in the number of employees carrying their laptops from home to the office and wherever else they choose to work has seen a dramatic increase in cyber and phishing attacks over the last two years, with human error an increasing cause of data breaches.

Findings from Sophos revealed that even though the number of ransomware attacks has actually decreased over the past year, the average recovery cost has more than doubled to $1.85 million. The mobility of hybrid workers has prompted cyber criminals to shift their attention from “from larger scale, generic, automated attacks to more targeted attacks that include human hands-on-keyboard hacking.”

Ransomware is not the only threat, of course. Today, there is a wide range of attack methods that need to be considered and resisted. SonicWall’s Cyber Threat Report recently recorded 56.9 million IoT attacks, 5.6 billion malware attacks, and 4.8 trillion intrusion attempts. This helps to explain why, according to Dynabook, over one-third of Europe’s IT leaders pinpointed network or device security as the most difficult element of their IT infrastructure to manage during the pandemic.

Securing the mobile workforce

So how can organizations secure the data of their increasingly mobile workforce? It begins with protecting the front-line by equipping employees with robust devices that meet the high level of security required today. Biometric tools including two-factor authentication offer a strong first-line of defense for example, combining fingerprint and iris detection to restrict entry to a device.

Yet it’s also important to ensure devices feature deeper in-built security measures from a software and firmware perspective too, such as Trusted Platform Module 2.0 for enhanced encryption. Meanwhile, for IT teams, remote access control is essential so that strict permissions can be put in place, enabling them to manage which employees have access to certain files. From a policy perspective, we’re seeing more organizations take a zero trust approach too – something which is particularly important in today’s hybrid environment to manage not just employees but partner organizations as well.

Business benefits of mobile secure client solutions for a mobile workforce

Beyond in-built security, mobile secure client solutions can also help to eliminate a significant cause for concern in terms of the device threat by adding boot-level security – something which is particularly important as we see the rise of hybrid working models.

In addition, by removing data from the device, storing it centrally and then making it accessible via a Virtual Desktop Infrastructure (VDI), such solutions provide the perfect balance of ultra-secure and ultra-productive mobile working. Employees can get on with their work, wherever they choose to be, knowing that the risk of data breaches through malware or lost and stolen devices has been nullified. With cybersecurity rated as the 2nd highest source of risk in Gartner’s 2021 Board of Directors Survey, we can expect to see these mobile secure client solutions rise in popularity.

One thing is certain – this is a problem that will not be going away any time soon. With technologies such as 5G and the IoT becoming more common, the threat of security breaches will continue to grow. Data proliferation will keep taking place at exponential levels and IT leaders must embrace new solutions now to protect against this ever-increasing threat.

At TechRadar Pro, we've featured the best business VPN.

Nick Offin

Nick Offin is Head of Sales, Marketing and Operations at dynabook Northern Europe. He has the responsibility for sales teams covering end user segments including Public Sector, Corporate, Mid-market and Education sectors and Managed Partners across UK&I and the Nordics.