The onslaught of the COVID-19 pandemic brought about many changes and disruptions in cybersecurity. Organisations globally shifted to remote work scenarios to enable their employees to work from the comfort of their homes. Since this was a sudden decision, many organisations lacked resources to ensure security while users were operating from locations across the world. These redefined security perimeters provided leeway for bad actors to perform cyberattacks.
According to a study conducted by Deep Instincts, malware increased by 358% and ransomware increased by 435% in 2020 compared to the previous year. As COVID-19 restrictions are eased, employees are slowly returning to their in-office workspaces. But the remote working model is not completely obsolete; organisations are opting for a hybrid workforce model that consists of remote and in-office employees.
A hybrid workforce model is a welcome change accepted by organisations and employees alike due to increased flexibility, enhanced productivity, a reduction in organisational spending, and other benefits. However, a hybrid model is also vulnerable to risks due to the absence of the traditional security perimeter. This blended workforce model calls for organisations to revise their cybersecurity strategies, since employees and devices are constantly migrating between secure office networks and their less secure home networks. Organisations can stay one step ahead of bad actors and ensure that their network is secured against potential attacks by adopting the following measures:
Managing endpoints and ensuring device security
A major disadvantage of adopting a hybrid workforce model is reduced visibility over endpoint devices, which increases the probability of cyberthreats and risks. This calls for organisations to strengthen their endpoint security measures and build resilience. Since the hybrid workforce consists of employees and devices constantly moving between remote and in-office locations, a central and unified endpoint management strategy should be established. Organisations should build an endpoint management program that supports an expanding hybrid workforce by revising existing security programs to exercise control over organisational resources, irrespective of their location.
IT security teams should pay special attention to employees’ work devices to prevent potential security gaps. To protect against outsider threats and cyberattacks, these devices must be continuously monitored, antivirus software should be updated to the latest version, and all security updates should be applied. The use of VPNs and other encryption methods should be made mandatory. Similarly, operating systems and applications running on these endpoint devices must regularly be patched with the latest updates.
Enforcing Zero Trust principles
The absence of an explicit network perimeter is one of the biggest challenges posed by a hybrid workforce model, which reiterates that traditional perimeter-based security is no longer compatible with current standards. The threat landscape is broadened in a hybrid environment since employees work from different locations using both personal and work devices. Adopting a Zero Trust approach protects users, devices, and resources from attacks and threats, irrespective of the location.
The fundamental principle of Zero Trust is “never trust, always verify,” which ensures that no user, device, or application is trusted irrespective of whether they are present within or outside the organisation’s network. A Zero Trust approach establishes stringent security measures. This works out well for a hybrid model in which users, devices, data, and applications are distributed across random locations.
One of the most important strategies used by Zero Trust is the principle of least privilege (PoLP) to ensure that users are provided access to network resources on a need-to-know basis. By providing least privilege access to users, exposure to sensitive and critical parts of the network is minimised. This also prevents lateral movement within the network in case of an insider attack. Role-based access control is one of the most common ways to implement the PoLP, where the user is provided access based on their role within the organisation.
Microsegmentation is the process of dividing the network into smaller and more manageable zones to enable granular access and control. It is an important aspect of Zero Trust since it helps reduce the attack surface and prevents unauthorised lateral movement within the network.
By employing strategies such as multi-factor authentication, single sign-on, continuous monitoring, and auditing, a Zero Trust architecture ensures security for a constantly changing hybrid workforce.
Combating insider threats
To combat insider threats and attacks, organisations should realise the importance of the human element in cybersecurity. Humans are the weakest links in the cybersecurity landscape and the primary cause of any attack. Humans also form the first line of defence against potential cyberattacks.
Organisations should train employees to identify and prevent cyberthreats and attacks. Security awareness and training programs should be conducted to help employees recognise and report phishing, social engineering, and other types of cyberattacks. Similarly, these programs can instil in employees the importance of the physical security of devices. Developing a security-minded culture among employees will go a long way in making the hybrid workforce model viable and free from risks that are avoidable.