Remote work continues to be embraced long-term, with Prudential’s Pulse of the American Worker Survey from March 2023 revealing 52% of companies now have hybrid policies allowing both remote and onsite work. However, cyber threats have escalated accordingly. Verizon’s 2023 Data Breach Investigations Report indicates a 13% rise in cyber incidents targeting remote workers versus organizations with on-site staff only.
As distributed environments expand corporate attack surfaces, how should IT leaders and CISOs move to mitigate the heightened dangers? After summarizing key threats, we outline specific actions and controls that security teams should prioritize to reduce risk exposure for remote employees.
Top Threat Vectors Targeting Remote Workers
Cisco’s 2023 Hybrid Work Index found 60% of remote workers use personal devices to access employer networks, while 35% utilize unauthorized cloud apps for company work – representing prime vulnerabilities. The report further highlighted sophisticated social engineering attacks as the fastest-growing cyber risk for remote staff. Additional Verizon research shows web apps are now the top intrusion vector.
With remote users more reliant on personal devices and web/cloud apps off the corporate network, organizations must take proactive measures to harden these access channels through layered controls. Expanding staff training is also instrumental in countering surging social engineering attempts that hijack human trust.
5 Steps to Reduce Remote Exposure
Bolstering remote cybersecurity hinges on technology leaders driving progress across five areas within their organizations:
- Adopt Unified Endpoint Management (UEM)
- UEM platforms from vendors like VMware, Microsoft, and BlackBerry allow IT teams to centrally manage endpoints and apply security controls across all user devices, whether company-owned or BYODs. Capabilities include monitoring device health, encryption enforcement, remote actions like wiping lost devices, and ensuring compliance with set policies.
- Mandate Multi-Factor Authentication (MFA)
- MFA requires staff to provide an additional credential beyond a password when accessing corporate applications and accounts. Options include approving a prompt on a security app, entering a code sent via SMS or email, or performing biometric checks. The top MFA solutions include Okta, Duo Security, and Microsoft Authenticator.
- Route Web Traffic Through a Secure Gateway
- Secure web gateways (SWGs) from McAfee, Zscaler and others funnel outbound web traffic through cloud proxies, blocking suspicious sites and filtering malicious code and downloads via deep packet inspection before it reaches user devices. This protects on and off-network remote staff.
- Prioritize Ongoing Employee Training
- Education helps remote teams recognize rising social engineering, phishing, and business email compromise scams attempting to steal credentials. Training should evolve based on emerging methods attackers use to exploit remote workers’ trust. Combining interactive online modules with simulated tests is optimal for retention and preparedness.
- Audit Controls Against Actual Remote Setups
- As a best practice, organizations should continuously assess the efficacy of implemented security tools and policies, specifically against the remote hardware and software configurations their distributed employees utilize daily. Ethical breach and penetration simulations, modeled directly on existing remote user environments rather than on-premises workstations, closes dangerous gaps.
By implementing robust identity systems secured via MFA, monitoring managed devices through UEM platforms, inspecting web activity, educating users on emerging threats, and proactively stress testing defenses, organizations can empower more secure distributed work at scale.