09.30.21

National Cybersecurity Awareness Month: Security tips for the hybrid workforce

October is often strongly associated with Halloween and Autumn weather, but here in the U.S., it’s also known as National Cybersecurity Awareness Month (NCSAM).

NCSAM marks a great time to get up to speed on the latest trends in cybersecurity and make sure your business’s security is the strongest it can be. This past year and a half has presented a whole host of new hurdles. Working from home has become the new normal, and security has become a big concern due to the use of personal devices and home networks.

With COVID-19 restrictions lifting, some employees are returning to the office, but others aren’t. This is resulting in what’s dubbed a hybrid workforce, with people on the same team working from different locations across the country.

A hybrid workforce brings about a whole new set of security challenges. Here are a few tips to keep your team safe no matter where they’re working from.

Train remote workers to take proper security measures while working from home.

Keep personal devices secure

A vast majority of people that are working from home may choose to use their personal devices to do their work, as opposed to a company issued device. Whether it’s familiarity, convenience or some reason beyond that, keeping tabs on the security of a personal device is difficult.

Encourage employees to keep their personal devices up to date with the latest updates for their OS, and offer for them to use antivirus software that would otherwise be used on company devices. Update your cybersecurity policy to reflect a two factor authentication requirement to login to company networks.

Require remote employees to use a VPN

Whether remote employees are using company or personal devices, require them to use a Virtual Private Network (VPN). VPNs can hide any activity performed on a network, and can even hide your IP address. They can establish an encrypted and secure connection, which can be especially important when connecting to company networks.

Empower your IT department to mandate that all company devices must have a VPN installed, and instruct those with personal devices on how to install and configure a VPN.

Train for vigilance around phishing attacks

With employees working from so many different places and even being hired outside the office to begin with, phishing attacks are a bigger risk than ever before. It’s important to emphasize the telltale signs of a phishing email during the onboarding process and every so often afterwards.

It can sometimes be difficult to tell the difference between a legitimate and fraudulent email, which is why it’s imperative that employees are trained early on to avoid putting their teammates’ and the company’s data at risk.

Encourage remote employees to work from home, not in public

It can be refreshing to get out of the house and work in your favorite coffee shop, but the reality is that it’s much more difficult to secure a connection on a public network. You never know who may be lurking on a public network, and even a VPN doesn’t promise 100% security.

Encourage employees to stay at home where their private network can be secured much more easily, especially when accessing company networks.

Want to keep up with the latest security tips during National Cybersecurity Awareness Month? Check out the Total Defense security blog.