Nearly two years after working from home became the “new normal” in some industries, many companies have scrapped the idea of returning to the office full-time and instead have embraced a mix of on-site and remote work. This is evidenced by Microsoft’s recent introduction of Windows 365, a cloud PC solution that the supplier calls “a new computing paradigm for hybrid work” in the Microsoft News Center article “Microsoft unveils Windows 365 — ushering in a new category of computing.”
The vast majority of enterprise organizations (81 percent) have at least started adopting a hybrid office strategy, according to the Zero Trust Adoption Report released by Microsoft in July 2021. While this approach to employment allows for greater flexibility, it also raises some concerns related to cybersecurity.
More than 900 security decision-makers from the U.S., Japan, Germany, Australia and New Zealand identified the following as some of their most pressing concerns about hybrid workplace models, according to the Zero Trust Adoption Report.
1. Downloading apps that aren’t secure.
If you’re worried about staff members downloading unsafe applications, consider conducting employee security awareness training that instructs your team not to download apps that your security team hasn’t approved. Additionally, you can require your team members to use company-issued devices and only permit admins to install new applications.
2. Greater workload for IT support staff.
Understandably, IT teams might find themselves overwhelmed as they try to address the support needs of a hybrid workplace while maintaining optimal levels of cybersecurity. For companies that want to avoid overworking their in-house IT staff, co-managed IT services can make everyone’s lives less stressful while still supporting a high level of performance. Learn more from our supplemental IT support page.
3. Higher risk of ransomware attacks.
It makes sense that security decision-makers are worried about ransomware: These types of cyberattacks are increasingly common, with average weekly ransomware activity in June 2021 reaching levels 10.7 times higher than a year prior, according to the August 2021 Global Threat Landscape Report from Fortinet.
Human error, outdated solutions, poor IT hygiene and misconfigured systems can all open the door to ransomware, according to the MSPinsights article “How Ransomware Sneaks In” from Webroot. If you want to proactively lower your chances of getting infected and ensure the damage is minimal if you are breached, your best bet is to invest in advanced cybersecurity solutions, such as the following:
- Security awareness training
- Zero-trust network architecture with secure access service edge (SASE)
- Extended detection and response (XDR)
- Incident response services
4. Higher risk of phishing.
Cybercriminals have launched new scams in response to the pandemic and widespread remote work, including phishing campaigns. The following solutions and strategies can help you avoid security incidents related to phishing:
- Security awareness training that includes info on how to spot suspicious messages
- Email spam filtering solutions
- Labeling all emails that come from senders outside of your organization
5. Improper personal device utilization.
If your employees use their personal devices to access corporate apps and data against your official policies, that can create risks, since you can’t be sure that those devices are secure (patched, updated, etc.). Awareness training to ensure everyone knows why they shouldn’t use their personal devices for work purposes can help address this issue.
Ultimately, maintaining an up-to-date and comprehensive cybersecurity strategy is vital for companies that have transitioned to hybrid office set-ups. If you have any questions or would like additional guidance on how to approach hybrid workplace security, our team would be happy to assist you. Connect with us today by calling 877-599-3999 or emailing firstname.lastname@example.org.