Cybersecurity Tips for Your Distributed Workforce

Today's digital workplace, embedded in cloud and remote work technologies, has increased the security risks for businesses. While that, in itself, may not be surprising, the extent to which breaches occur due to remote work, however, is astounding.

A Verizon Data Breach Investigation Report (DBIR) found that of the 29,000 analyzed incidents, 90% were caused by cloud-based email and other work collaboration tools, followed by desktop sharing.

According to the Verizon report, external cloud-based assets are involved in more incidents than on-premises assets, and IT security professionals participating in a Ponemon Institute survey said it was much easier to protect company data with on-site workers than it is today with remote workers.

Unsecured networks, unauthorized devices, unlocked or unprotected screens are all vulnerabilities caused by today's work habits. In fact, the Ponemon survey found 64% of the surveyed IT security professionals said they were worried about the screen privacy of remote workers.

It may seem daunting but improving the security of remote work is possible, with the right mix of tools, technology and training. Here are four tips to help you in the process.

1. Strengthening the IT Infrastructure

The workplace is evolving, and so are the threats. Bad actors are finding new, more sophisticated ways to gain entry into organizations.

Daniel Martin, principal security consultant and field CISO at IT firm Verinext, said to combat the increasing threats, companies need to ensure that their cybersecurity training content is up-to-date and relevant to today's biggest risks.

Vulcan's Cyber Risk in 2022 report finds the most common threats today are against cloud infrastructure and mobile devices, with users and customers as the weak points for bad actors to gain access.

So, organizations, Martin said, should build data and privacy safeguards on the backend of IT systems, where the security responsibilities do not fall solely on the end user. Data, he said, should always be protected by additional security layers, like system-to-system encryption, data loss prevention and data classification.

This may mean increasing investments in the IT infrastructure, but it is a critical step to take.

Related Article: Public Cloud Security Questions Your Workplace Is Probably Ignoring

2. Boosting Physical Security

With the growing adoption of hybrid work, physical offices are often left empty and unattended. 

Tina D'Agostin, CEO of security company Alcatraz AI, said companies, in their attempt to fight cyber crime across cloud technologies, should not neglect the security of their on-site premises.

"More than 10% of cybersecurity breaches occur from the perpetrator gaining unauthorized physical access as the entry point," she said.

She suggests employers train employees to secure physical access points like laptops and mobile devices, which can be easily stolen.

Related Article: Cybersecurity Isn't an IT Risk, It's a Business Risk

3. Upping the Cybersecurity Training Frequency

Prevention is the best medicine, and in the case of cybersecurity, this means providing ongoing training to all employees, including senior teams.

Learning Opportunities

ON DEMAND

Collaboration in a Distributed Workplace: Tools and Techniques of Top Performing Teams

Watch Now

ON DEMAND

Improve Knowledge Sharing: The Key to Employee Productivity

Streamline team collaboration and engagement

Watch Now

ON DEMAND

How McDonald’s Drove Productivity Through an Elevated Employee Experience

In the new remote/hybrid workplace, work/life boundaries are blurred and workplace stress is a top driver of mental health needs.

Watch Now

ON DEMAND

How to Future-Proof Your Employee Experience Strategy in 2023

A framework to navigate through economic uncertainty

Watch Now

ON DEMAND

Challenges to Efficiency in 2023: Your Employees Need the Digital Workplace of the Future

The era of asking employees to do more with less is upon us

Watch Now

ON DEMAND

The Essential Role of Communicators in Fostering Wellbeing in the Digital Workplace

Join us for practical insights on how digital communicators can support employees to thrive in the digital workplace

Watch Now

ON DEMAND

Addressing Employee Needs and Wants with a Digital Workplace

The workplace is getting more and more digital – both in how we work and where we work

Watch Now

ON DEMAND

Maintaining a Human-Centered Approach During Digital Transformation

When it comes to digital transformation - people drive change, not technology

Watch Now

ON DEMAND

The Evolution of Employee Recognition

Leveraging the power of appreciation to improve the employee experience

Watch Now

ON DEMAND

Are You Blocking Your Internal Comms Team Without Knowing It

Best practices & tips to help IC teams thrive

Watch Now

ON DEMAND

Cyber Resilience In The Cloud Is Not Optional

In today’s age of ransomware and widespread cyber attacks, your cloud data needs to be protected.

Watch Now

View All

"Companies need to deliver training on a regular cadence throughout the year," said Rich Vibert, CEO and co-founder of Metomic. He believes quarterly is a good place to start, though he recommends companies move to a place where training is done continuously.

How training is delivered also matters.

Martin said short videos, one to three minutes, are often the best medium, though Vibert argues video training can disengage certain audiences. Companies should poll employees on their preferred learning methods and implement training programs that cater to multiple learning styles to ensure retention of information.

Related Article: Can You Trust Zero Trust Networks in the Remote Workplace?

4. Growing Awareness

If employees don't know where the threats are, they won't be on their guards.

Vibert said it's not only important to make employees aware of the potential risks, particularly when sharing data through the cloud, they should also know the best ways to reduce those risks, both in and out of the office.

The office, interestingly, may seem like a safe haven for employees. As a result, some may be a bit looser with the security protocols like leaving devices unlocked and unattended.

D'Agostin said companies must do a better job of teaching vigilance on-premises, such as protecting physical assets while out or letting a stranger into the building or a restricted area.

Related Article: Insider Risk: What Hybrid Companies Need to Know — and Do

How AI Can Help Protect Data

With all the advancements made with artificial intelligence, the technology can also be used to help prevent cyberattacks.

According to the Vulcan report, AI is already being used to protect IT infrastructure and data security. In fact, 93% of companies, the report said, are now considering the use of AI in their security workflows.

AI helps by minimizing the risk of human error, one of the biggest causes of data breaches. It does so by analyzing the use and access to large amounts of data, which can alleviate the burden placed on employees, especially amid the rise of the contingent workforce.

About the Author

Kaya Ismail is a business software journalist and commentator with years of experience in the CMS industry. Connect with Kaya Ismail: