Working in a hybrid model is not a new notion. Neither is the concept of working from home. What’s new about them is how widely they’re being adopted in today’s digital world. Employers must be cautious to ensure that the benefits of this strategy are not affected by cyber-attacks. Luke Watts, Managing Director of RoundWorks IT, discusses Hybrid Working and how businesses can benefit from it.
Employees are not independent contractors (Cyber-Attacks)
This may appear to be self-evident, yet it has important ramifications for cybersecurity. An employee and a freelancer are distinguished by the fact that an employee contributes their time while a freelancer contributes their services.
As a result, an employer can, and often must, assume greater responsibility for employees than freelancers. On the other hand, an employer has the right to require employees to adhere to agreed-upon working norms. This can be used by employers to ensure that adequate cybersecurity practices are implemented. You have to take strong measures to prevent cyber-attacks.
Keep in mind that workspaces differ (Cyber-Attacks)
In reality, the type of workspace you may expect from remote workers is likely to be determined by the level of their position. Entry-level/lower-paid workers, for example, are more likely to live in smaller dwellings. Even though they like working from home, they may not have enough room for a good home office (at least some of the time).
In the case of more senior positions, however, it may be practicable, if not necessary, to require adequate home offices as part of the hiring process. Even for entry-level/low-paid positions, it may be realistic to require entirely remote workers to have suitable home offices. Fully remote workers have the option of relocating outside of cities, where real estate is generally more affordable.
When employees’ workplaces have limits, managers may need to intervene to balance things out. For example, in the context of cybersecurity, you may give employees privacy controls to counterbalance open workspaces. When privacy filters are used, screens can only be viewed from the front, not the left or right.
It’s also a good idea to provide comfortable headphones to your employees. Employees are usually the ones who ask other people security questions. It’s fine if they’re overheard, but the replies must remain confidential. You may want to provide soundproof panelling to employees who are discussing sensitive information.
External networks should never be trusted
Employees having a potentially unsecured network are a simple problem to solve. Simply use a reliable VPN (Virtual Private Network). Allowing staff to use their own gadgets is never a good idea.
Also, Allowing employees to use their own smartphone or tablet to access authentication apps is acceptable. Allowing them to get authentication codes through text on their own phone (smart or otherwise) may be acceptable. The main reason this isn’t perfect is that text messages must be sent by third parties. They can also be intercepted by “simjacking,” for example.
Employees should never work from home using personal electronic devices or accessories. You should provide them with all they require. If you haven’t previously provided your employees with IT equipment, now is a great moment to start thinking about it.
Other choices vs. Windows
Most organizations have used Windows as their preferred operating system for decades. However, Windows 10 will be phased out on October 14, 2025. Windows 11 will take its place. However, the change provides a new motivation for businesses to evaluate their rivals.
In education and the creative sectors, Macs have long been a strong force. However, over the previous few years, they’ve made significant progress in the business world as a whole. Although coincidence does not imply causation, it appears highly likely that the shift to hybrid/remote working was a direct cause of the increase in Mac adoption by organizations.
Although Macs are not hacker-proof, they are far more difficult to break into than Windows PCs. This is due to the fact that macOS is structured significantly differently than Microsoft Windows. Prior to the pandemic, the added protection this provided was typically insufficient to entice businesses away from Windows’ familiarity and affordability. The situation is now, however, very different.
Another significant aspect is that ChromeOS has now matured to the point where it can be regarded as a fully functional operating system. ChromeOS is a close cousin of MacOS, making it more difficult to hack. Chromebooks, on the other hand, are far less expensive than Apple devices. As a result, they could be a great fit for modern enterprises.
Endpoints and local storage media should never be used to store data
Employees use a variety of devices, which are referred to as “endpoints.” Computers, tablets, and smartphones are all included. Local storage includes everything from portable and fixed hard drives to USB sticks, CDs/DVDs, and memory cards. Keep all of your information on the cloud.
If you manage your own cloud system, you are solely responsible for its security. If you employ a third-party cloud provider, however, security is a shared duty. The cloud provider is responsible for keeping its systems safe from outside attacks. You’re in charge of making sure your cloud accesses are well-managed.
This necessitates the use of powerful access-control systems. Your first step should be to ensure that people only have access to what they require. You’ll need to examine the protocols for their access whenever there’s a change (e.g., they move role). It’s also a good idea to check on a regular basis to see if employees who haven’t changed roles still require all of their privileges.
You must also guarantee that personnel is adequately checked before they get access to company systems. This typically entails two-factor or even multi-factor authentication. Cyber-attacks must be avoided.
Make sure your staff is adequately vetted and well-trained
Although neither of these requirements is unique to hybrid/remote working, they do take on a whole new meaning in these settings. You must be able to put even more trust in people operating at a distance from you than you do in those who are physically present.
You can only achieve this if you’re confident that you’ve chosen the proper personnel and provided them with the appropriate training. This instruction should include how to seek assistance if necessary. Help should ideally be offered via at least two channels, such as an online ticket and a phone call.
Conclusion:
This article has shared information on why you must make your business strong to face cyber-attacks and other viruses. Read all the information carefully, and keep sending us your suggestions and feedback, Goodbye!
