
ARTICLE

How to Protect Your Remote Workforce from New Cybersecurity Threats

Jason R Scheiderer

Summary

  • The new hybrid workplace is here to stay, at least in part. Employees and employers have adapted to “work from home.” Both have seen benefits to employees having the option of working from home.
  • People working at home are more likely to intermingle work and personal devices and tasks. Worse, while working at home, employees are accessing more company data, more often.
  • This new workplace comes with cybersecurity vulnerabilities that should be investigated and then quickly addressed. Practices will vary significantly, as the businesses themselves vary. But employers need to be mindful of the cybersecurity risks and plan ahead to consider possible responses to those risks.

Before March 2020, only 20 percent of American workers said they worked from home all or most of the time. Now 71 percent are working from home all or most of the time. Among those working from home, 64 percent reported that their office is currently closed or unavailable. Importantly, 54 percent say that, given a choice, they would like to keep working from home, even after their offices reopen. The transition to working from home was swift, but both employers and employees generally report that it went “better than expected” and that overall productivity has remained intact.

But what about cybersecurity? Companies rushed to provide workers with the basic necessities of their positions. But recently many businesses are learning about, and addressing, security threats posed by their “at home” workforces.

This article considers the new threats and practices to help mitigate evolving risk.

The “Old” Threats

Cyberattacks against businesses began well before the COVID-19 pandemic. Businesses have long faced risks like data loss, data theft, and misappropriation of trade secrets. And businesses understand the tremendous impact a data incident can have on a company’s operations, legal spend, customer goodwill, and brand. Unfortunately, cyberattacks have only increased—in both frequency and sophistication—since the start of the pandemic. KuppingerCole reports that there has been a 238 percent increase in global cyberattack volume during the pandemic.

According to a recent survey by IBM, worldwide the average cyberattack costs a business $4.2 million. In the United States, the numbers are much worse, with the average cost of a data breach being $9.05 million. Cost and impact to the business are driven by a number of factors, but one of the most important is how quickly the company discovers the attack and takes action against it.

One of the biggest changes in the move to remote working has been a delay in businesses’ response to possible security breaches. According to recent survey information, U.S. businesses needed an average of 287 days to identify and contain a data breach, which was 7 days longer than in 2019. But companies that had less than 50 percent of their employees working from home averaged 189 days to identify a breach and 69 days to contain, or 258 days total; whereas businesses with more than 50 percent of their workforce working remotely averaged 235 days to identify and 81 days to contain, or 316 days total. With employees scattered remotely, businesses have a harder time identifying and containing data incidents. At least according to IBM’s study, heavily remote workforces may lengthen a company’s containment time by 22 percent.

The New “Hybrid” Workplace

Now that so many people are working from home (or somewhere other than their company’s offices), what are the new or increased risks? As with most cybersecurity, the weakest link is usually people. Recent surveys found that

  • 70 percent of remote workers admit to using their work devices for personal tasks.
  • 69 percent use personal laptops or printers for work.
  • 30 percent of remote workers have let someone else (often a child or spouse) use their work devices.

People working at home are more likely to intermingle work and personal devices and tasks. Worse, while working at home, employees are accessing more company data, more often: 71 percent of those surveyed said they are accessing more company data, more frequently, than when they worked in the office. And when employees at home want to move some of these data, they often develop “work-arounds” to avoid company policies for their own convenience or the convenience of their coworkers (e.g., sending files through personal email accounts or saving company data on a local hard drive).

Home “offices” can also vary widely in their technological and physical security. Employees, without direct help from information technology (IT) professionals, may not know how to secure their personal Wi-Fi networks. And we have observed that “working from home” often means working from a coffee shop, a store, or a beach. Employees are likely to use convenient—and therefore vulnerable—Wi-Fi networks when they are working remotely outside their homes. And, of course, any time an employee is moving his or her work computer or phone from place to place, there is an increased possibility of loss or theft.

In addition, modern homes may contain a variety of connected devices (the internet of things, or IoT), which may be listening to confidential conversations and meetings. We have seen an increasing number of lawsuits growing out of breaches into data stored by nontraditional devices (e.g., Fitbit, Alexa, thermostats). With devices now possibly recording and storing company data (in addition to the employee’s personal data), the risk to businesses increases. Finally, to the extent employees are generating or receiving paper, employees may not be securing or shredding hard copies of company data when disposing of paper.

Beyond the many technological vulnerabilities, when employees are at home, they have less opportunity to check in with a coworker or IT professional before engaging in a risky behavior. Phishing schemes are on the rise. How many new workers has your company added since March 2020? How many of them have you met in person? Hackers are trying to take advantage of this reality by posing as new workers or vendors seeking an “introduction” to other employees. Lonely employees at home may be more willing to “meet” a new coworker. And skeptical employees, without a nearby coworker to consult, may click on an attachment they otherwise would not have clicked on.

When at-home employees make a mistake, they appear to be slower to inform the company. Maybe they think they can “fix” the problem by themselves. Even when an employee does take action, it likely will take longer for the concern to reach the appropriate people at the company. And it will certainly take longer for the IT professionals to identify and isolate an infiltration that occurred through a network or device at someone’s home. But perhaps the most difficult situation is when an employee action triggers a ransomware attack. The employee’s machine might be frozen and unusable by the employee or, remotely, by the company. This gives the hacker significant time to steal company data.

Sufficiently uncomfortable about company security? Let’s discuss some ways that businesses can better protect themselves.
