5 Cybersecurity Risks of Remote Workers (& How To Mitigate Them)

The trend of employees working from home is continuing to rise, with an IWG study showing that 70% of people globally work remotely at least once a week. Whether you call them remote workers, telecommuters, teleworkers, off-site employees, eWorkers, digital nomads, or road warriors, this group of employees is here to stay. Organizations that want to take advantage of this growing pool of remote working talent need to adapt to the unique cybersecurity risks that come with them.

Why Are Remote Workers More Vulnerable?

Use of Personal Devices

Remote workers come in many different forms. Some remote workers work for a dedicated employer that provides them with the tech they need and others make use of their own equipment. For organizations that provide work-specific devices, there is still a risk that their remote employees will use their personal devices for work tasks and the nature of remote work can make it difficult to monitor the personal device usage of remote workers.

Why It’s An Issue

Enterprise cybersecurity infrastructure often revolves around the creation of an impenetrable fortress built with enterprise-grade technology, robust threat detection, and monitoring. Unfortunately, these advantages may not be as accessible when a remote worker uses their personal devices. While remote security and monitoring solutions do exist for mobile devices, remote workers using personal devices may have privacy concerns with having their personal use monitored alongside work-related activities.

For companies that provide devices for use by employees, there is still potential for remote employees to inadvertently cause vulnerabilities by participating in the cross-use of personal and professional devices. If their personal devices are not kept to the same cybersecurity standard as their work computers, any work-related activities done on their personal devices can become a vulnerability.

How Can It Be Mitigated?

The advantage of the use of personal devices for work use, commonly known as “Bring-Your-Own-Device (BYOD)”, is that remote workers can use the technology they are comfortable and familiar with while reducing equipment costs for their employer. To allow remote workers to use their personal devices safely there are key technologies and best practices that can be implemented to maintain a secure environment.

Remote Access Environments & VPNs

By using a remote access environment or virtual private networks (VPNs) such as Office 365, or software like Atera, remote workers can access work files and emails from a secured server without needing to sync data to their personal devices. By not having company data synced with their remote devices the risk of data breaches in the event of theft is mitigated and data can be backed up to the organization’s servers, preventing data loss due to hard drive failures.

Insecure Wifi

Remote workers that work outside of a home office typically need a network connection to perform their duties. This need for a connection can cause temptations for remote workers to use potentially insecure public wifi hotspots.

Why It’s An Issue

According to the 2018 iPass Mobile Security Report, 81% of CIOs said their company had experienced a Wi-Fi related security incident in the last year, with 62% of Wi-Fi related security incidents occurring in cafés and coffee shops. Insecure public wifi hotspots are attractive to cybercriminals as the lack of encryption allows them to monitor the internet traffic of anyone connected to the network. Another method used by cybercriminals is the creation of an insecure wifi “honeypot” – a spoofed network designed to look like an official wifi hotspot that the cybercriminal owns and can capture the data transmitted through it.

How Can It Be Mitigated?

Avoid Using Public Wifi

The simplest and most effective method of preventing data breaches from insecure wifi hotspots is to not use them. That said, much like the issue of Shadow IT the convenience of free wifi when traveling is a temptation that many remote workers may still fall for, and the enforcement of policies to not use public wifi may prove difficult.

Use a Mobile Router

To mitigate the temptation to use these insecure wifi hotspots, remote workers can be supplied with their own mobile router. A mobile router transforms 4G or 5G wireless connections into a private WiFi signal, negating the need to use unsecured wifi networks.

Use a Virtual Private Network (VPN)

If a public wifi channel must be used (again, this is not recommended if it can be avoided) remote workers can connect more securely by using a VPN. An enterprise Virtual Private Network (VPN) routes internet traffic through your organization’s private network, allowing remote workers to benefit from the same security as your in-house employees.

Cloud-Based Environment

Remote workers often require a technology stack that is heavily reliant on cloud computing. The use of cloud computing provides an advantage by saving the costs of implementing a custom solution for key services, however, the use of cloud computing comes with its own unique set of cybersecurity risks.

Why It’s An Issue

1. Third-Party Control

When an organization uses the applications or services of another company there is an added vector for risk as the cybersecurity practices of third parties are out of their control. If the third party is breached or is intentionally hiding malware in its software it can be a potential vulnerability to connected systems.

2. Increased Potential for Data Breaches

A data breach is said to occur when information is accessed by an unauthorized party. If a third party application is granted access to an organization’s network there is an increased potential for sensitive data to be wrongfully accessed.

3. Insecure APIs

A software’s Application Program Interface (API) defines the set of tools, protocols, and routines for building the software. Third-party applications with insecure APIs become a potential vulnerability should those insecurities be exploited.

4. Account hijacking

One of the advantages of cloud-based applications is the ability for them to be accessed remotely. This advantage can also prove to be a potential vulnerability as the login credentials of an authorized party can be stolen and used to gain remote access to sensitive information.

5. Insider threats

Employees, contractors, and associates can intentionally or unknowingly cause damage to internal systems or leak sensitive information through their actions on cloud systems. As with account hijacking, the ability to access resources off-site through cloud applications gives an added opportunity for sensitive information to be accessed.

How Can It Be Mitigated?

Cloud Access Security Brokers (CASBs)

CASBs such as MVISION Cloud, Bitglass, and Microsoft Cloud App Security are software tools or services that act as a gatekeeper between an organization’s existing internal infrastructure and the infrastructure of a third-party cloud service provider, allowing for greater security and control when using third-party cloud resources. CASBs typically offer network and application firewalls, authentication, and data loss prevention tools that prevent transmission of sensitive data outside of authorized channels.

Remote Worker Bad Habits

Let’s face it, nobody is perfect. Unfortunately, the bad habits that we often manage to get away with in our personal lives can have serious cybersecurity implications in the corporate world. If remote workers fail to meet their cybersecurity responsibilities when handling an organization’s data they can inadvertently leak sensitive information to unauthorized sources. Poor cybersecurity hygiene practices include device sharing, reusing passwords, storing passwords in unsecured locations, opening emails that contain malware and using insecure wireless internet connections.

Why It’s An Issue

In 2018, a quarter of all data breaches were caused by human error. While not all of these breaches were caused by remote workers specifically, bad habits can be readily formed by an organization’s mobile workforce as they are often outside the influence that comes with being surrounded by coworkers and managers.

How Can It Be Mitigated?

Cybersecurity Training

Cybersecurity training needs to be a priority for organizations that work with sensitive information. Both in-house and remote employees need regular training and retraining to ensure that they are aware of and compliant with their organization’s cybersecurity requirements. According to Spicework’s 2019 State of IT, 59% of IT professionals believe employee security training tools are the most effective solution to prevent security incidents.

Removable Media
Policy Template

Set data security standards for portable storage
Define the acceptable use of removable media
Inform your users about their security responsibilities

Get started today—Download the FREE template and customize it to fit the needs of your organization.

Get the FREE Template

Protection Tools

In addition to knowledge-based security, the standard suite of security tools should be in place to prevent data breaches caused by human error – firewalls, VPNs, endpoint security software, and antimalware software all play a part in protecting an organization’s remote workforce.

Traveling

One of the benefits of remote working is the flexibility of movement that comes with mobile devices. No longer bound to dedicated office space, remote workers have the opportunity to work in planes, trains, hotels, airports, and more. Unfortunately, location independence also comes with its own unique set of risks.

Why It’s An Issue

Cybersecurity is not limited to fighting against the increasing threat of cybercriminals operating with software-based hacking solutions, it also involves protecting servers and endpoint devices with physical security measures. An important benefit of a dedicated office building is its enhanced physical security – locked doors, security guards, and other physical privileged-access security measures that take place inside an office are not always available to remote workers when they travel. Standard passcode-based security can be readily bypassed when physical access to employee laptops and cellphones are granted to cybercriminals.

How Can It Be Mitigated?

Physical Security While Travelling

If working in a public area, remote workers should never leave their devices unattended for any length of time (bathroom breaks, leaving devices in their car, etc) as a nearby cybercriminal can efficiently execute malicious code from a USB flash drive and compromise their device. Endpoint devices should be kept in carry-on baggage instead of checked baggage as even bags with locked zippers can be bypassed if the opportunity is available. In addition to preventing theft of their devices, when working in a public area remote workers should be conscious of the sightlines surrounding their devices and set up their workspace in a way that prevents passersby from viewing the contents of their screen.

Hard Drive Encryption

In the event that a device is stolen, having an encrypted hard drive will make it more difficult for thieves to access the data stored inside. Modern computers come readily equipped with encryption options – FileVault for MacOS devices, and Bitlocker for Windows devices.

Mobile Device Management (MDM)

While some remote workers work from a home office, 44% of remote workers travel while working between one week and one month per year. The prevalence of working outside of a home office by using mobile devices opens remote workers to an increased level of risk for theft or loss of their devices. A Mobile Device Management (MDM) system provides a method for locating lost or stolen devices and includes features for separating personal data from sensitive work data, giving mobile workers the option to remotely wipe sensitive data from a lost or stolen device.

USB Data Blockers

Traveling remote workers may need to make use of USB ports to charge their devices. While USB ports can provide power, they also open the opportunity for the connected device to unknowingly transmit data. To prevent data transfers to unknown USB ports, a USB data blocker allows remote workers to connect to the USBs power without exposing the data pins of their device.

Dale Strickland

Dale Strickland is the Digital Marketing Manager for CurrentWare, a global provider of user activity monitoring, web filtering, and device control software. Dale’s diverse multimedia background allows him the opportunity to produce a variety of content for CurrentWare including blogs, infographics, videos, eBooks, and social media shareables.

Cookie	Duration	Description
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
JSESSIONID	session	The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.
LS_CSRF_TOKEN	session	Cloudflare sets this cookie to track users’ activities across multiple websites. It expires once the browser is closed.
OptanonConsent	1 year	OneTrust sets this cookie to store details about the site's cookie category and check whether visitors have given or withdrawn consent from the use of each category.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
_zcsr_tmp	session	Zoho sets this cookie for the login function on the website.

Cookie	Duration	Description
_calendly_session	21 days	Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar.
_gaexp	2 months 11 days 7 hours 3 minutes	Google Analytics installs this cookie to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_GY6RPLBZG0	2 years	This cookie is installed by Google Analytics.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
_opt_expid	past	Set by Google Analytics, this cookie is created when running a redirect experiment. It stores the experiment ID, the variant ID and the referrer to the page that is being redirected.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
NID	6 months	NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
_dc_gtm_UA-6494714-6	1 minute	No description
_gaexp_rc	past	No description available.
34f6831605	session	No description
383aeadb58	session	No description available.
663a60c55d	session	No description available.
6e4b8efee4	session	No description available.
c72887300d	session	No description available.
cookielawinfo-checkbox-tracking	1 year	No description
crmcsr	session	No description available.
currentware-_zldp	2 years	No description
currentware-_zldt	1 day	No description
et_pb_ab_view_page_26104	session	No description
gaclientid	1 month	No description
gclid	1 month	No description
handl_ip	1 month	No description available.
handl_landing_page	1 month	No description available.
handl_original_ref	1 month	No description available.
handl_ref	1 month	No description available.
handl_ref_domain	1 month	No description
handl_url	1 month	No description available.
handl_url_base	1 month	No description
handlID	1 month	No description
HandLtestDomainName	session	No description
HandLtestDomainNameServer	1 day	No description
isiframeenabled	1 day	No description available.
m	2 years	No description available.
nitroCachedPage	session	No description
organic_source	1 month	No description
organic_source_str	1 month	No description
traffic_source	1 month	No description available.
uesign	1 month	No description
user_agent	1 month	No description available.
ZCAMPAIGN_CSRF_TOKEN	session	No description available.
zld685336000000002056state	5 minutes	No description

5 Cybersecurity Risks of Remote Workers (& How To Mitigate Them)

Why Are Remote Workers More Vulnerable?

Use of Personal Devices

Why It’s An Issue

How Can It Be Mitigated?

Remote Access Environments & VPNs

Insecure Wifi

Why It’s An Issue

How Can It Be Mitigated?

Avoid Using Public Wifi

Use a Mobile Router

Use a Virtual Private Network (VPN)

Cloud-Based Environment

Why It’s An Issue

1. Third-Party Control

2. Increased Potential for Data Breaches

3. Insecure APIs

4. Account hijacking

5. Insider threats

How Can It Be Mitigated?

Cloud Access Security Brokers (CASBs)

Remote Worker Bad Habits

Why It’s An Issue

How Can It Be Mitigated?

Cybersecurity Training

Removable MediaPolicy Template

Protection Tools

Traveling

Why It’s An Issue

How Can It Be Mitigated?

Physical Security While Travelling

Hard Drive Encryption

Mobile Device Management (MDM)

USB Data Blockers

Dale Strickland

Related posts

Why Your Business Needs a Data Loss Prevention Strategy

10 Key Responsibilities of HR Professionals

Removable Media
Policy Template