The push towards remote work exploded over the last three years and has opened up many benefits for both employees and employers. Employees enjoy more freedom to get their jobs done almost anywhere and employers can reduce their overhead expenses and hire talent from across the country or globe.
Remote work, however, does come with some risks, especially when it comes to IT. Workers who hit the local coffee shop for an hour or two increase their cybersecurity risk when connecting to public Wi-Fi. Working in a public place also opens up employees to other kinds of vulnerabilities including traditional theft.
What are the security risks when working in a public place? And how can business owners reduce the risk for a remote workforce? Let’s take a look.
Common IT Risks When Working Remote
When working anywhere other than the office, it’s safe to assume there are increased risks to employees’ information technology security. Employees working remotely can directly expose work computers and networks to cybercrime such as hacking and phishing.
What threats and IT risks do employees and employers face? Here are the most common IT risks when working in a public place:
When working at a coffee shop, library, or another public place, it’s tempting to open your laptop and connect to the free Wi-Fi offered. Connecting to a public network though is one of the easiest ways to fall victim to a cyberattack.
Nearly 25% of all public Wi-Fi hotspots do not have encryption or protection, meaning anyone near the access point has an easy way “in” to the network and can steal data. The risk isn’t only for laptops – research shows that 40% of mobile devices used for work are exposed to a cyber attack within the first four months of use.
Evil Twin Attacks
An evil twin is a fraudulent or fake public Wi-Fi set up by a cybercriminal. Essentially, the cybercriminal capitalizes and preys on remote workers and sets up a Wi-Fi hotspot that looks legitimate but is actually bait to steal sensitive information from users. When users connect to the “evil twin,” all of the sensitive data shared on the network passes through a server controlled by the attacker.
Public spaces are just that – public – and don’t offer the same privacy as a home office. When working in a public space, you are at risk for prying eyes, or “shoulder surfers,” who can steal data displayed on a laptop screen. Skilled shoulder surfers can steal passwords, PINs, among other kinds of information directly off of a laptop screen.
Most workers get up and stretch their legs or get a cup of coffee several times a day. When workers do this in a public place – even for just a few seconds – criminals can swipe work laptops and personal devices. While uncommon, this is a risk employers should consider when utilizing a remote workforce.
These are a few of the many cybersecurity risks when working in a public place. With some planning and intention, there are ways to minimize security risks for a remote workforce.
How to Reduce Security Risks
Working in a public place can present cybersecurity risks if proper preventative steps are ignored. To minimize IT security risks when working in public, it is important to never leave devices unattended and to disable any devices that must remain out of sight or not in use when not attended.
Here are some best practices to help reduce the risks of working in a public place:
- Provide team members with separate work computers: When you provide computers and mobile devices to your team, your IT professionals can configure settings to minimize cyber risk. Furthermore, work computers can be monitored remotely to stay ahead of any risks such as phising and other social engineering cyber attacks.
- Use personal hotspot device: Refrain from connecting to public networks or Wi-Fi as data can be exposed on these unsecured networks. Instead, connect to a personal hotspot device. Personal hotspot devices are a better alternative to public Wi-Fi and are an affordable piece of hardware that gives peace of mind employees are on a safe network.
- Use a VPN: If team members must use public Wi-Fi, having a virtual private network, or VPN, is critical for online security and safety. A VPN creates a secure connection between the computer and the computer network and protects online privacy. VPNs encrypt internet traffic and make it difficult for hackers to track online activities and steal data.
- Use strong passwords: While it may be repetitive to hear, the first line of defense against cybercrime is a strong password. Weak passwords, or using the same password across multiple sites and devices, make employees easy targets. Use passwords that are at least 12 characters, including symbols and numbers, and are unique to each site or device. Password managers can make this process easier for team members.
- Provide team members with laptop cable locks: Laptop cables work the exact same way as bike locks – the cable connects to the laptop and then around a stationary object such as a table leg. The locks can only be unlocked with either a key or a code.
- Employ a comprehensive cybersecurity program: If you’re employing a remote workforce, it’s absolutely imperative to have a comprehensive cybersecurity program in place that addresses phishing scams, malware, viruses, and other cyber threats. Your IT team should develop and implement a plan that includes endpoint protection, network security, email security, and dark web monitoring.
Following these tips and best practices can help reduce IT security risks for your team members when working in a public place. Unsure where to start or how to implement these solutions? Contact us today for a free cybersecurity audit.
Remote Workforce Cybersecurity Solutions from Everound
As a managed IT services provider, Everound understands the challenges business face with cybersecurity. Whether you have an entirely remote workforce, an “in-person” team, or a blend of the two, we can help you develop a cybersecurity plan to protect your team members both in the office and when they are working in a public place.
Cyber attacks can paralyze a business – don’t wait until AFTER an attack to improve your cybersecurity. Contact us today for a free review of your current cybersecurity infrastructure and a recommended path forward to protect your company from a cyber attack.