IBM estimates that in 2021 a data breach incident costs enterprises $4.24 million on average. Even though the workforce is returning to offices in varying capacities, research on the topic indicates that managers are planning for a hybrid work future. 
According to Gartner, 82% of business leaders plan to let employees continue to work from home (WFH) in at least some capacity, while 47% plan to allow employees to do so permanently.

WFH/WFA Workplace Create New Cybersecurity Threats

Cybersecurity-wise, this new development means that an increasing number of workers will access their online work environment through vulnerable networks, and additional security measures have to be put in place to mitigate the connected risks.

The Security Risk

The switch to remote work left managers dealing with several cybersecurity threats stemming from unsecured home devices and networks, as well as unprotected internet traffic. 
When the majority of employees work from a single location, there is only a need to protect the main network - which is less demanding than protecting as many endpoints as there are employees

The Risks Of A Hybrid Work Environment

The elements that build for security and privacy that may normally be available in a controlled corporate physical environment setting with defined physical barriers are routinely obliterated in WFA environments.
And the risks associated with WFH are amplified when the move is made to WFA. This is because it includes not only our home base but also frequently working on the road at customer locations, airports, coffee shops, and just about anywhere with wired or wireless connections.

The Risk Of That Coffee Shop WiFi

Working from anywhere usually means using unencrypted public Wi-Fi, which can lead to information being intercepted, malware being distributed. There is an array of ways in which hackers exploit unsecured public networks, and businesses have to adapt their cybersecurity strategies accordingly.Adapting to working from home was a challenge to cybersecurity personnel everywhere, but the growing trend of working from anywhere entails a new set of threats to consider.

The Need To Adapt

Since every remote employee is a potential threat to the integrity of a given company's data, businesses are shifting their cybersecurity strategies away from the castle-and-moat approach.
In the Zero Trust framework, the given network is protected by granting users and devices access to only those parts of the network that are essential to their task. In such a system, every user is authenticated before being allowed to access the needed data through an encrypted tunnel. Because of this, even if a device gets compromised, it can't cause network-wide damage.

Zero Trust Framework

<ol>
<li>A comprehensive security framework of this kind allows remote employees to safely connect to the company network without putting the whole network at risk.</li>
<li>Web browsing becomes considerably safer, allowing cybersecurity personnel to ensure employee browsing habits are not potentially harmful to the company.</li>
<li>Due to the automated nature of Zero Trust-based systems, managers gain more time to educate their personnel on best cybersecurity practices</li>
</ol>

Zero Trust-Based Systems: Enhancing Three Key Areas

<div><label>5</label></div><img src="https://hackernoon.com/emojis/heart.png" width="30" height="30"><img src="https://hackernoon.com/emojis/light.png" width="24" height="30"><img src="https://hackernoon.com/emojis/boat.png" width="30" height="30"><img src="https://hackernoon.com/emojis/money.png" width="30" height="30"><div>Gartner: 82% of business leaders plan to let employees continue to work from home (WFH) in at least some capacity, while 47% plan to allow employees to do so permanently. IBM estimates that in 2021 a data breach incident costs enterprises $4.24 million on average. Some companies have turned to the work from anywhere model to give their employees the option of working from an office or home, and even from a geographic location of their own choice. This means that an increasing number of workers will access their online work environment through vulnerable networks.</div><img alt="image" src="https://hackernoon.com/_next/image?url=https%3A%2F%2Fcdn.hackernoon.com%2Fimages%2FFt1b5BCOQ7dpNfMhG3192dG8JxE2-1w037v1.jpeg&amp;w=3840&amp;q=75" srcset="https://hackernoon.com/_next/image?url=https%3A%2F%2Fcdn.hackernoon.com%2Fimages%2FFt1b5BCOQ7dpNfMhG3192dG8JxE2-1w037v1.jpeg&amp;w=640&amp;q=75 640w, https://hackernoon.com/_next/image?url=https%3A%2F%2Fcdn.hackernoon.com%2Fimages%2FFt1b5BCOQ7dpNfMhG3192dG8JxE2-1w037v1.jpeg&amp;w=750&amp;q=75 750w, https://hackernoon.com/_next/image?url=https%3A%2F%2Fcdn.hackernoon.com%2Fimages%2FFt1b5BCOQ7dpNfMhG3192dG8JxE2-1w037v1.jpeg&amp;w=828&amp;q=75 828w, https://hackernoon.com/_next/image?url=https%3A%2F%2Fcdn.hackernoon.com%2Fimages%2FFt1b5BCOQ7dpNfMhG3192dG8JxE2-1w037v1.jpeg&amp;w=1080&amp;q=75 1080w, https://hackernoon.com/_next/image?url=https%3A%2F%2Fcdn.hackernoon.com%2Fimages%2FFt1b5BCOQ7dpNfMhG3192dG8JxE2-1w037v1.jpeg&amp;w=1200&amp;q=75 1200w, https://hackernoon.com/_next/image?url=https%3A%2F%2Fcdn.hackernoon.com%2Fimages%2FFt1b5BCOQ7dpNfMhG3192dG8JxE2-1w037v1.jpeg&amp;w=1920&amp;q=75 1920w, https://hackernoon.com/_next/image?url=https%3A%2F%2Fcdn.hackernoon.com%2Fimages%2FFt1b5BCOQ7dpNfMhG3192dG8JxE2-1w037v1.jpeg&amp;w=2048&amp;q=75 2048w, https://hackernoon.com/_next/image?url=https%3A%2F%2Fcdn.hackernoon.com%2Fimages%2FFt1b5BCOQ7dpNfMhG3192dG8JxE2-1w037v1.jpeg&amp;w=3840&amp;q=75 3840w" width="834" height="556"> Listen to this story<div><label for="Speed-select">Speed:</label></div><div dir="ltr"><label for="Speed-select" dir="ltr">Read by:</label><select name="voices" dir="ltr"> </select></div><img src="https://cdn.hackernoon.com/avatars/robot-b5.png" alt="voice-avatar" width="60" height="60"><img alt="NordLayer Hacker Noon profile picture" src="https://hackernoon.com/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fhackernoon-app.appspot.com%2Fo%2Fimages%252FFt1b5BCOQ7dpNfMhG3192dG8JxE2-0h13u6c.jpeg%3Falt%3Dmedia%26token%3Dc4a0c736-816a-4f37-b772-5614aeb88215&amp;w=3840&amp;q=75" srcset="https://hackernoon.com/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fhackernoon-app.appspot.com%2Fo%2Fimages%252FFt1b5BCOQ7dpNfMhG3192dG8JxE2-0h13u6c.jpeg%3Falt%3Dmedia%26token%3Dc4a0c736-816a-4f37-b772-5614aeb88215&amp;w=640&amp;q=75 640w, https://hackernoon.com/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fhackernoon-app.appspot.com%2Fo%2Fimages%252FFt1b5BCOQ7dpNfMhG3192dG8JxE2-0h13u6c.jpeg%3Falt%3Dmedia%26token%3Dc4a0c736-816a-4f37-b772-5614aeb88215&amp;w=750&amp;q=75 750w, https://hackernoon.com/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fhackernoon-app.appspot.com%2Fo%2Fimages%252FFt1b5BCOQ7dpNfMhG3192dG8JxE2-0h13u6c.jpeg%3Falt%3Dmedia%26token%3Dc4a0c736-816a-4f37-b772-5614aeb88215&amp;w=828&amp;q=75 828w, https://hackernoon.com/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fhackernoon-app.appspot.com%2Fo%2Fimages%252FFt1b5BCOQ7dpNfMhG3192dG8JxE2-0h13u6c.jpeg%3Falt%3Dmedia%26token%3Dc4a0c736-816a-4f37-b772-5614aeb88215&amp;w=1080&amp;q=75 1080w, https://hackernoon.com/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fhackernoon-app.appspot.com%2Fo%2Fimages%252FFt1b5BCOQ7dpNfMhG3192dG8JxE2-0h13u6c.jpeg%3Falt%3Dmedia%26token%3Dc4a0c736-816a-4f37-b772-5614aeb88215&amp;w=1200&amp;q=75 1200w, https://hackernoon.com/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fhackernoon-app.appspot.com%2Fo%2Fimages%252FFt1b5BCOQ7dpNfMhG3192dG8JxE2-0h13u6c.jpeg%3Falt%3Dmedia%26token%3Dc4a0c736-816a-4f37-b772-5614aeb88215&amp;w=1920&amp;q=75 1920w, https://hackernoon.com/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fhackernoon-app.appspot.com%2Fo%2Fimages%252FFt1b5BCOQ7dpNfMhG3192dG8JxE2-0h13u6c.jpeg%3Falt%3Dmedia%26token%3Dc4a0c736-816a-4f37-b772-5614aeb88215&amp;w=2048&amp;q=75 2048w, https://hackernoon.com/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fhackernoon-app.appspot.com%2Fo%2Fimages%252FFt1b5BCOQ7dpNfMhG3192dG8JxE2-0h13u6c.jpeg%3Falt%3Dmedia%26token%3Dc4a0c736-816a-4f37-b772-5614aeb88215&amp;w=3840&amp;q=75 3840w" width="50" height="50"><h3>NordLayer</h3>Advanced network access security for modern workforces<div><a dir="ltr">NEWABOUT PAGE</a></div>IBM estimates that in 2021 a data breach incident costs enterprises $4.24 million on average. Even though the workforce is returning to offices in varying capacities, research on the topic indicates that managers are planning for a hybrid work future. According to Gartner, 82% of business leaders plan to let employees continue to work from home (WFH) in at least some capacity, while 47% plan to allow employees to do so permanently.&nbsp;Some companies - Spotify being a notable example - have turned to the work from anywhere (WFA) model to give their employees the option of working from an office or home, and even from a geographic location of their own choice.&nbsp;Cybersecurity-wise, this means that an increasing number of workers will access their online work environment through vulnerable networks, and additional security measures have to be put in place to mitigate the connected risks.&nbsp;<h2>The risks of a hybrid work environment</h2>The switch to remote work left managers dealing with several cybersecurity threats stemming from unsecured home devices and networks, as well as unprotected internet traffic. When the majority of employees work from a single location, there is only a need to protect the main network - which is less demanding than protecting as many endpoints as there are employees.<BLOCKQUOTE>"More employees working from anywhere means more devices connecting remotely, i.e., outside of the secured corporate network. As a result — businesses' control over data is slipping rapidly," says Juta Gurinaviciute, Chief Technology Officer at <a href="http://www.nordlayer.com/?ref=hackernoon.com" rel="noopener noreferrer sponsored" dir="ltr">NordLayer</a>.</BLOCKQUOTE>"As such, it is critical to understand what remote workers are doing with that data and rework the new 'normal' to make it more effective and secure," Gurinaviciute says.The elements that build for security and privacy that may normally be available in a controlled corporate physical environment setting with defined physical barriers are routinely obliterated in WFA environments. And the risks associated with WFH are amplified when the move is made to WFA. This is because it includes not only our home base but also frequently working on the road at customer locations, airports, coffee shops, and just about anywhere with wired or wireless connections.&nbsp;"Adapting to working from home was a challenge to cybersecurity personnel everywhere, but the growing trend of working from anywhere entails a new set of threats to consider," adds Gurinaviciute. <BLOCKQUOTE>"Working from anywhere usually means using unencrypted public Wi-Fi, which can lead to information being intercepted, malware being distributed. There is an array of ways in which hackers exploit unsecured public networks, and businesses have to adapt their cybersecurity strategies accordingly."&nbsp;</BLOCKQUOTE><h2>Adapting cybersecurity protocols</h2>The consequences of poor cybersecurity hygiene while working remotely can include anything from compromised sensitive data to unauthorized access to the organization's infrastructure. Secure communications while working remotely can be ensured by the combination of technical solutions and controls with proper employee operations security (OPSEC).<BLOCKQUOTE>"Typically, when it comes to securing your teleworkers, the first item on the agenda is developing a corporate policy," says Gurinaviciute.</BLOCKQUOTE>"This policy should outline what's acceptable in a remote working environment, how data is handled, what levels of authorization are available, etc. Risk-based decisions can also be made depending on the types of devices employees use for teleworking (for example, company-issued devices, personal laptops or smartphones, etc.). Devices that haven't been issued specifically by the company should be subject to more stringent controls," says Gurinaviciute.Since every remote employee is a potential threat to the integrity of a given company's data, businesses are shifting their cybersecurity strategies away from the castle-and-moat approach. Previously, companies thought it was enough to have a robust, perimeter defense-oriented approach to cybersecurity. Now, network security solutions based on the Zero Trust principle are replacing traditional, static defense strategies.&nbsp;&nbsp;&nbsp;In the Zero Trust framework, the given network is protected by granting users and devices access to only those parts of the network that are essential to their task. In such a system, every user is authenticated before being allowed to access the needed data through an encrypted tunnel. Because of this, even if a device gets compromised, it can't cause network-wide damage.&nbsp;Organizations that have Zero Trust-based system in place enhance their cybersecurity in three key areas - secure access, secure browsing, and increased cybersecurity training opportunities, adds the <a href="http://www.nordlayer.com/?ref=hackernoon.com" rel="noopener noreferrer sponsored" dir="ltr">NordLayer</a> expert:"First, a comprehensive security framework of this kind allows the remote employees to safely connect to the company network without putting the whole network at risk. Second, web browsing becomes considerably safer, allowing cybersecurity personnel to ensure employee browsing habits are not potentially harmful to the company. Finally, due to the automated nature of Zero Trust-based systems, managers gain more time to educate their personnel on best cybersecurity practices, which is crucial because defrauding humans is one of the chief enablers of successful cyberattacks."Want to get on the infosec certification track and a lifetime VPN to boot?

IBM estimates that in 2021 a data breach incident costs enterprises $4.24 million on average. Even though the workforce is returning to offices in varying capacities, research on the topic indicates that managers are planning for a hybrid work future. According to Gartner, 82% of business leaders plan to let employees continue to work from home (WFH) in at least some capacity, while 47% plan to allow employees to do so permanently. 

Stashed ideas

Advanced network access security for modern workforces

IBM estimates that in 2021 a data breach incident costs enterprises $4.24 million on average . Even though the workforce is returning to offices in varying capacities, research on the topic indicates that managers are planning for a hybrid work future. According to Gartner, 82% of business leaders plan to let employees continue to work from home (WFH) in at least some capacity, while 47% plan to allow employees to do so permanently.

Some companies - Spotify being a notable example - have turned to the work from anywhere (WFA) model to give their employees the option of working from an office or home, and even from a geographic location of their own choice.

Cybersecurity-wise, this means that an increasing number of workers will access their online work environment through vulnerable networks, and additional security measures have to be put in place to mitigate the connected risks.

The switch to remote work left managers dealing with several cybersecurity threats stemming from unsecured home devices and networks, as well as unprotected internet traffic. When the majority of employees work from a single location, there is only a need to protect the main network - which is less demanding than protecting as many endpoints as there are employees.

"As such, it is critical to understand what remote workers are doing with that data and rework the new 'normal' to make it more effective and secure," Gurinaviciute says.

The elements that build for security and privacy that may normally be available in a controlled corporate physical environment setting with defined physical barriers are routinely obliterated in WFA environments. And the risks associated with WFH are amplified when the move is made to WFA. This is because it includes not only our home base but also frequently working on the road at customer locations, airports, coffee shops, and just about anywhere with wired or wireless connections.

"Adapting to working from home was a challenge to cybersecurity personnel everywhere, but the growing trend of working from anywhere entails a new set of threats to consider," adds Gurinaviciute.

The consequences of poor cybersecurity hygiene while working remotely can include anything from compromised sensitive data to unauthorized access to the organization's infrastructure. Secure communications while working remotely can be ensured by the combination of technical solutions and controls with proper employee operations security (OPSEC).

"This policy should outline what's acceptable in a remote working environment, how data is handled, what levels of authorization are available, etc. Risk-based decisions can also be made depending on the types of devices employees use for teleworking (for example, company-issued devices, personal laptops or smartphones, etc.). Devices that haven't been issued specifically by the company should be subject to more stringent controls," says Gurinaviciute.

Since every remote employee is a potential threat to the integrity of a given company's data, businesses are shifting their cybersecurity strategies away from the castle-and-moat approach.

Previously, companies thought it was enough to have a robust, perimeter defense-oriented approach to cybersecurity. Now, network security solutions based on the Zero Trust principle are replacing traditional, static defense strategies.

In the Zero Trust framework, the given network is protected by granting users and devices access to only those parts of the network that are essential to their task. In such a system, every user is authenticated before being allowed to access the needed data through an encrypted tunnel. Because of this, even if a device gets compromised, it can't cause network-wide damage.

Organizations that have Zero Trust-based system in place enhance their cybersecurity in three key areas - secure access, secure browsing, and increased cybersecurity training opportunities, adds the <a href="http://www.nordlayer.com/?ref=hackernoon.com">NordLayer </a>expert:

"First, a comprehensive security framework of this kind allows the remote employees to safely connect to the company network without putting the whole network at risk.

Second, web browsing becomes considerably safer, allowing cybersecurity personnel to ensure employee browsing habits are not potentially harmful to the company.

Finally, due to the automated nature of Zero Trust-based systems, managers gain more time to educate their personnel on best cybersecurity practices, which is crucial because defrauding humans is one of the chief enablers of successful cyberattacks."

Want to get on the infosec certification track and a lifetime VPN to boot?

Bite-sized knowledge
to upgrade
your career

WFH/WFA Workplace Create New Cybersecurity Threats: Are You Prepared?

WFH/WFA Workplace Create New Cybersecurity Threats

The Security Risk

The Risks Of A Hybrid Work Environment

The Risk Of That Coffee Shop WiFi

The Need To Adapt

Zero Trust Framework

Zero Trust-Based Systems: Enhancing Three Key Areas

IDEAS ABOUT

MORE LIKE THIS

How Do I Adopt a 'Zero Trust' Framework?

How to Deal With Rejection: A Science-Based Approach

How WiFi Works

It's time to

READ

LIKE

A PRO!

Bite-sized knowledgeto upgradeyour career

WFH/WFA Workplace Create New Cybersecurity Threats: Are You Prepared?

WFH/WFA Workplace Create New Cybersecurity Threats

The Security Risk

The Risks Of A Hybrid Work Environment

The Risk Of That Coffee Shop WiFi

The Need To Adapt

Zero Trust Framework

Zero Trust-Based Systems: Enhancing Three Key Areas

IDEAS ABOUT

MORE LIKE THIS

How Do I Adopt a 'Zero Trust' Framework?

How to Deal With Rejection: A Science-Based Approach

How WiFi Works

It's time to

READ

LIKE

A PRO!

Bite-sized knowledge
to upgrade
your career