Although some companies are requesting their staff to return to the office, it is unlikely that there will be a complete return to full-time office working. Today, in the US around 25% of work is done remotely – a 500% increase compared to 2019. And whilst hybrid work, and the flexibility it brings, has benefits, there are a number of security issues to tackle.
Challenge 1: Physical security
Hybrid working has led some companies to move away from a centralised headquarters, to having several small offices in different locations to enable staff to work closer to home more easily. This makes it harder to manage building security as there is no longer just one location to monitor and protect. And, with hybrid working, employees are likely to use the office more sporadically, making it harder for security staff to monitor unusual patterns or unknown faces.
Solution: Centralise security
By using a centralised management platform, security staff can have a single line-of-sight to ensure compliance and manage investigations. Through this, the team can manage access to the different locations and assign relevant credentials to visitors and staff before they enter the building. The use of cameras for image recognition and tools to support remote entry and locking can also make it easier for security teams to manage.
Challenge 2: Unsecured networks and devices
When staff work outside of the office, it’s impossible to ensure the same level of protection. For example, if someone connects to a public WiFi when working from a cafe or coworking space, the chances of malicious actors gaining access to the network increases. There is also a higher chance of devices getting lost or stolen when they are being taken out of the secure office environment.
Solution: Equip staff with tools and knowledge
Outside of the office, employees are the first line of defence, so training them to understand the risks and how to avoid them is crucial. Additionally, the use of VPNs and personal hardware can also help to reduce the chance of attacks. And personalised multi-factor authentication (such as biometrics) can further prevent malicious actors getting access to systems and data, even if a device is stolen.
Challenge 3: Data privacy and protection
As more people work from home, compliance with various global data protection laws are harder to manage. According to an EY survey, 66% of respondents said data privacy and data protection compliance concerns had increased over the previous year. This includes things like storing data on devices without password protection or leaving a screen open in a public place.
Solution: Make sure employees realise their responsibility
It is hard for a security team to monitor compliance around data usage, so in this case it is essential that employees take on this responsibility themselves. Training them to understand the ways to protect themselves and stay compliant is crucial.