Understanding the Cyber risks in adopting the latest Workplace Trends
Each year organizations come up with new ideas and trends that disrupt the way they operate, and rest of the world follow them and eventually embrace them. Nearly, every aspect of business is prone to changes, and the workplace is no exception. Workplace trends help organizations stay on top of what their people value. Remote flexible working, Bring Your Own Device (BYOD), Digital workforce and others are no more just concepts but have become a reality today. We all are aware how the COVID 19 pandemic is disrupting businesses to embrace remote working to 90% of their employees or even 100% in a few companies. While Operations and HR departments consider them a boon, Cybersecurity experts are worried about the security challenges it brings to the table. With hackers outsmarting even companies with robust defence, companies feel more and more vulnerable.
In this blog, we try to bring to your attention the key challenges brought up by the newest workplace trends and how to stay vigilant to safeguard the data and assets.
1. Remote Working
Traditional office-centric working is under serious threat by remote working. Even though employees enjoy the new-found freedom, it is not without challenges; from losing a personal connect within co-workers to diminishing productivity, HR is working hard to make the employees feel connected and engaged. But a major worry is for the CISOs and CIOs because of the risks involved in connecting remotely. Global Cyber Center of New York (NY) suggests that Organizations of all kinds are facing an uptick in email-based threats, endpoint-security gaps and other problems as a result of the sudden switch to a fully remote workforce. Employees’ home networks probably have weaker protocols for easier access to the network’s traffic. Huge effort is required in terms of securing devices provided to employees, ditching legacy VPNs, adopting cloud-agnostic and scalable network security solutions and conducting awareness campaigns for employees on the do’s and don’ts s while working from home.
Refer our insights library to read on security tips to consider while working from home.
2. Flexible work timings
Few employers provide flexibility for employees to work any time they are comfortable as far as business continuity is ensured. We already discussed that the cyber risks of flexible work arrangements could include malware infection, unauthorised access, data security, and insecure devices used by staff. If a person is working in time where no cyber security team works, it could mean that help is a day away and damage could be huge. Automated cyber response mechanism should be robust enough to overcome this challenge. AI and RPA based processes could assist organizations in this regard as software robots works 24/7.
3. Bring your own device (BYOD)
Gone are the days when work starts for an employee after they reach their office cubicle, login to a desktop computer or make calls on a company landline phone from their desk. Newest workplace trend is allowing employees to bring their own mobile devices, tablets, and even laptops into the workplace. They connect those devices to the organization’s network, download business data to their personal apps, and upload sensitive information via their devices. BYOD policy may give companies leverage on their operational cost and the employees greater flexibility, but it is worth checking whether it poses business data security risk.
Personal apps from the employees’ mobile devices can pose serious security threat as many hackers use legitimate apps to create trust with users whilst getting them to pass over sensitive information. Organizations need to create a dynamic security approach that takes into account user identity, time, location, behaviour and biometrics, as well as device state, user, app state and transaction requests.
4. Mixed workforce with digital workers and human workers
Robotized process design needs the foresight and an eye for detail that a Cyber Security Expert provides. A software robot follows what the developers have instructed it to do and proceeds with process steps and it becomes very risky for processes such as payments without a control mechanism suggested by the Cyber security expert in place. RPA software bots require access to perform their required tasks, such as logging into ERP, CRM, or other business systems, copy or paste information or to move data through a process from one step to the next. Credentials stored as scripts or in other insecure locations invite trouble hence care should be taken to store them in a centralized, encrypted location.
Refer our insights library to learn more about the digital dangers in RPA and how to securely design the RPA processes
Evolution of AI and Machine Learning has undoubtedly enabled employees to free themselves from mundane laborious tasks and coexist with robots harmoniously.
Workplace trends have certainly made an impact on the satisfaction levels of the workforce, but it significantly increases the need to be cyber vigilant and resilient. With proper security policies, advanced cyber security tools and procedure in place along with an expert team at your disposal, the challenges are sure to overcome. This way today’s emerging workplaces can be made more secure by leveraging emerging technologies such as Cybersecurity Automation, AI, ML and more.
Talk to our cybersecurity experts to stay on top of your cyber security strategies!