Are Hybrid Workers at More Risk of Cyber Threats?

Originally published by ThreatLocker.

Introduction

Did you know that in 2023, 74% of US companies support or plan to support hybrid workers? The global COVID-19 pandemic shut down enterprises worldwide, forcing companies to devise creative ways to maintain business productivity while keeping workers healthy and slowing the spread of COVID-19. Although many companies first incorporated hybrid workers into their workforce during this pandemic, the trend continues to grow in popularity today.

What is a Hybrid Worker?

So, what exactly is a hybrid worker? A hybrid worker is an employee that routinely splits their work week between working in an office and remotely. Incorporating a hybrid working environment encourages productivity and promotes flexibility, allowing workers to perform their job duties in the office, on the go, and from home. A recent study by Zippia revealed that 83% of workers today prefer a hybrid work model. Companies are adopting a hybrid work approach to secure and retain top talent for job duties that can be performed remotely.

Challenges of a Hybrid Work Environment

As many employees are moving to hybrid work, the corporate network is now the internet. Gone are the days when an enterprise’s assets were all under one roof, protected by a perimeter firewall. In order to maintain productivity with employees working from remote locations, potentially all around the world, corporate resources must be accessible from anywhere. However, the internet is also shared with cybercriminals, making it challenging to maintain the accessibility of corporate data for employees while ensuring it is inaccessible to cybercriminals, preserving its integrity and confidentiality.

Hybrid workers take their corporate computers with them, connecting to networks not maintained by the company’s IT department to access business data. Home networks are not always secure. Home networking equipment is easy to use right out of the box, and most home users never change the default security settings of these devices, making them an easy target for criminals.

Hybrid employees may use public WIFI when working from locations other than their homes, which makes them susceptible to an adversary in the middle or an evil twin attack. These attacks could enable a bad actor to intercept and access valuable business data. They can steal login credentials and use those to access even more of an enterprise’s resources.

Any public or private network is only as secure as the least secure device connected to it. The average computer user may not keep up with patching software vulnerabilities, making these home devices more susceptible to malware infection. Once malware infects even a single networked endpoint, it can spread throughout the network, infecting any device that connects to it, adding to the risk of hybrid employment.

How to Mitigate Cyber Risks for Hybrid Workers

Although the challenges created by a hybrid work structure can seem intimidating, there are steps an enterprise can take to mitigate the associated risks. As the security of the network that a company's endpoints connect to is no longer under their control, the emphasis must shift to controlling and securing the endpoints and servers themselves.

Data protection should be at the forefront of any cybersecurity strategy, especially in today's highly connected, hybrid working world. Companies must incorporate a data protection solution that ensures only users and applications that require access to data can access that data, no matter where they connect from. Encryption should be enforced for data in transit and data at rest.

Endpoint firewalls help to control network activity directly on the endpoint. Rules can be created to permit or deny network traffic on each endpoint to help control access. Endpoint firewalls also enable monitoring of the network activity on the endpoint. With an endpoint firewall, regardless of the network it is connected to, the endpoint will have some protection against unwanted connections.

Businesses should enforce multi-factor authentication (MFA) on corporate assets and accounts. While MFA does not prevent an adversary in the middle attack or an evil twin attack, MFA makes it harder for cybercriminals to use stolen credentials and log in. These adversaries may still successfully intercept the credentials, but once they are prompted for the MFA, they cannot continue.

To provide the best protection against malware threats, incorporate a default deny, application allowlisting solution. Traditional antivirus and antimalware solutions rely on identifying known bad behavior and files and then reacting to the bad file or behavior. However, they can't always identify or react to malware quickly enough to prevent damage. Use an endpoint security solution that blocks everything by default and only permits what is needed to better stay ahead of known and unknown threats. Then, when a hybrid worker connects to an unsecured network, any malware on that network cannot spread to their computer.

Summary

As the world continues to move towards a more hybrid work model, it is more important than ever that businesses find ways to keep their assets safe from adversaries yet available to those employees that require it. Hybrid workers need extra protection as the internet they use to access company resources is shared by criminals. Enterprises should layer MFA, endpoint protection, storage protection, and network control into their cybersecurity strategy to help mitigate the risks associated with employing hybrid workers.