The hybrid workplace: a question of trust or risk?

The hybrid workplace: a question of trust or risk?
(Image credit: Vlada Karpovich / Pexels)
Audio player loading…

Enterprises just weren’t designed for remote working (opens in new tab). For decades, Europe’s workforce has been rooted in a repetitive business routine – a full workday with a hectic commute on either side. The COVID-19 pandemic has turned that model on its head, with masses of employees (opens in new tab) now demanding more flexible working policies from their employers long-term.

About the author

Roger Benson is Senior Director, Commercial Sales, EMEA at AMD (opens in new tab).

While vaccine rollouts are gathering pace across Europe and many are predicting a return to “normal” as a result, it’s unlikely workforces will be returning to the office (opens in new tab) on a full-time basis. Rather, hybrid models - a flexible approach that enables employees to blend working from different locations (home, on the go, or the office) are expected to become the norm.

Towards a more flexible future

With homeworkers working consistently more hours than non-homeworkers, individuals are increasingly seeking a better work-life balance beyond the pandemic. According to a recent report from the UK government, 57% of employees said that the availability of flexible working is important to them, while 92% of Generation Y workers - people born between 1980 and 2000 - identified flexibility as a top priority.

Many already have a plan for their employees to work from home (opens in new tab) one or two days a week, while some have even granted the opportunity to work remotely on a permanent basis.

A difficult crossroad

While all signs are pointing to a future of work that combines working from home with time in the office, this puts employers at a difficult crossroad. Employers know that data (opens in new tab) breaches are far more likely to occur when staff are working away from the office. This is backed up by figures from the National Cyber Security Centre (NCSC), which show that more UK businesses are experiencing breaches or attacks at least once a week in 2020 than in 2017, by a ten-point increase.

At the same time, these same employers must give their employees the trust, confidence and tools they demand to work flexibly wherever they want.

There are numerous safeguards IT leaders can deploy to reduce this risk, from ensuring staff receive adequate cybersecurity (opens in new tab) training to deploying anti-phishing protection. Businesses that have been forced to adapt quickly to this new way of working must also make sure that the defenses they’ve implemented to protect remote workers during the pandemic are no longer just temporary, and are suited to supporting flexible working on a longer-term basis.

Most importantly, though, businesses need to be confident they are investing in technology that will meet the needs of their employees – enabling them to be productive, collaborative, and most importantly, secure against hackers.

Stronger measures

The first step that should be taken is to ensure staff have a virtual private network (VPN (opens in new tab)) installed on their laptop (opens in new tab) so they can always benefit from the same security (opens in new tab) afforded to them in the workplace wherever they may be. When in the office, employees are usually surrounded by several rings of security - from email and gateway security to frequent software updates and on-hand security support - and it’s important to ensure preventative measures are in place while they work remotely. After all, the riskiest cyber threats are the ones that haven’t been detected yet, which means prevention is the ultimate cure.

Cloud security is another important area businesses must tackle to ensure employees are trusted to work remotely. Video conferencing (opens in new tab) services, for example, have become extremely popular during the pandemic, but they are by no means infallible; there have been high-profile instances of threat actors gaining access to video meetings, particularly as more and more people work from home networks. With this in mind, businesses must implement stronger security measures, such as checking meeting links, requiring multi-factor authentication (MFA) and, importantly, ensuring employees are working on devices that have adequate protective measures in place.

Evolving threats

Opportunist hackers have dramatically shifted the way they operate as a result of the shift to mass remote working - something that will likely continue as businesses settle into a hybrid way of working. With employees working from laptops on home networks, phishing attacks have grown in popularity to become the most prevalent cybersecurity threat, and there has also been an increase in massive and simple distributed denial of service (DDoS) attacks.

As well as employing these techniques as a lure for employees to hand over sensitive data, hackers are also injecting data harvesting malware such as Remote Access Trojan, info stealers, spyware and banking Trojans to divert money and build botnets. With that in mind, businesses need to ensure that employee laptops are able to fight off these cyber threats and prevent access to corporate data. Secured-core PC, a Microsoft initiative backed by AMD, enables staff to boot laptops with robust security features to help ensure they’re protected against firmware vulnerabilities and unauthorized access.

Missing laptops

Of course, with the weather warming up and hospitality venues set to soon reopen, an employer’s home network isn’t the only risk businesses may encounter as a result of hybrid working. By allowing employees to work in coffee shops and beer gardens, this introduces the risk of corporate devices ending up in the wrong hands; it’s been found that a laptop is stolen every 53 seconds.

When a laptop goes missing, software-based full disk encryption (opens in new tab) (FDE) is typically the first line of defense in protecting user data, but it has limitations and ultimately leaves data open to hackers. An effective way to help keep data secure is by encrypting the system memory. This means that when a laptop gets into the wrong hands, they can’t just bypass full-disk encryption by accessing keys stored in memory.

As businesses decide on their comfort levels around flexible working, whether to keep the status quo or encourage people back into the office more often, it’s clear that some form of hybrid working is here to stay. As leaders look towards a long-term plan, it’s critical that businesses make not just the right policy decisions, but also the right technology investments, so that employees feel empowered and trusted to work securely no matter where they are.

Roger Benson

Roger Benson is Senior Director, Commercial Sales, EMEA at AMD.