In 2023, with more people than ever choosing to work from home, there is an ever-increasing need for workplace security.
With the rise of remote and hybrid working, the modern workplace has been redefined. Companies now have a larger security perimeter to manage, as protection is often no longer limited to a single workplace location, such as an office.
Companies will have to tactically adapt their security policies to deal with this new challenge. As always, priority should be given to protecting the workforce, data, and property. Many businesses will now need to change to an integrated system, to include both data and physical security.
Furthermore, it is predicted that the increase in labor costs will have a knock-on effect on businesses. National insurance hikes and a rise in the living wage could increase physical security (man-guarding) costs by 10%.
However, as physical security costs are rising many will decide whether or not an integrated approach is cost-effective. Some may decide to scale back and work remotely rather than pay for a physical central workplace, and man-guarding security.
So, what are the main arguments for remote and hybrid working?
What are the benefits of Hybrid and remote working?
One of the key trends to come from the pandemic is the emergence of the hybrid workplace. Health and safety concerns, and at times government law, have required employees to work from home when possible.
Although stipulations are relaxing, many have come to enjoy working from home and the flexibility of a hybrid workplace.
A study by Strathclyde University found that: “78 percent of respondents said they would prefer to work in the office for only two days or less.”
Perhaps, this is because employees are enjoying a better work-life balance without having to face the grind of the daily commute. Given the clear results of this study, we can almost certainly expect to see this trend continuing in the future.
These changes in work patterns and expectations also present an opportunity for organizations to streamline their workforce and decrease the cost of workplaces.
Businesses may forgo centralized worksites (where possible) to free rental costs, and to counteract the increase in the pay of physical security workers.
Security recruitment crisis
Security workers are in high demand currently, and with the lack of supply, many businesses are offering significantly higher wages to attract candidates. In fact, more than 40% of UK businesses with more than 10 employees are struggling to recruit.
Increasingly, businesses are looking at more cost-effective solutions to security. Employers may scale back operations and begin operating from home rather than having a physical security presence in an office building.
However, even customer-facing industries, such as those in the retail or service industries, may question their need for onsite security.
High-street workers may need to adapt to the lack of security by adding security duties to their roles. Personalised security passes and lanyards may become increasingly important for identifying personnel and restricting access to those without clearance.
But, what about the new wave of remote workers? What challenges do they face?
Increased Cyber Security demands
Although a hybrid approach has been beneficial for both businesses and employees, it does come with its drawbacks. Cybercrime is now more of an issue with an upsurge of activity during the pandemic. An estimated £6.2 million was lost to cyber scams at the height of the pandemic.
Organizations are increasingly vulnerable when using home-based employees. This is because their employees’ online devices, which may often be used to transfer sensitive corporate data, may be unsecured.
For example, home-based employees may be working on unsecured laptops or other mobile devices, using networks shared with other family members. Without thinking, they may also use the public internet to transfer sensitive corporate data.
This vulnerability to security breaches means an increase in employee and employer responsibility. Both will now need to be aware of the heightened risks.
Current digital challenges
With the increased obligation for digital security, employees may need to up-skill their security knowledge via regular training.
Interpol has released critical information to help spread awareness and simplify risk. Challenges include:
Among the biggest challenges are cyber criminals spamming the internet with malicious domains containing terms like coronavirus, coronavirus, covid19, and covid-19. Panic and curiosity have led many to search these terms and cybercriminals are exploiting this fear with dodgy domains – used for phishing and spreading malware.
Websites and interactive coronavirus maps often have Trojans, malware, and spyware embedded.
Trojans – as the name suggests – pretend to be harmless in order to attack. They hide in what appear to be normal files with the aim of taking over your computer, inserting malware, or stealing data.
Sickeningly, criminals are taking advantage of the increased demands on the healthcare industry by launching ransomware attacks. They count on them being so overwhelmed that they cannot afford to be locked out of their systems and are forced to pay.
Ransomware enters by exploiting vulnerabilities in a system’s security, as well as through infected email links, attachments, and compromised employee credentials.
However, it is not only the healthcare industry that has to worry. Criminals also use blackmail operations in their ransomware – threatening to auction off or release compromised data that may sensitive or embarrassing.
Cybercrime prevention tips
With many now working from home, it is essential they stay up to date with cybersecurity. Below are the latest tips from Interpol:
Keep information safe
- All important files should be backed up. They should be stored independently, such as on external hard drives or in a cloud.
- Always verify the legitimacy of a company’s website before entering any sensitive information such as login details.
Check your software and systems
- Install the latest anti-virus software on all devices.
- Secure email gateways.
- Secure any system administration vulnerabilities.
- Strengthen your home network.
- Disable any third-party or outdated components.
- Only download from trusted platforms.
- Regularly scan your computer for viruses.
- Talk to family members and staff about online safety.
- Regularly check privacy settings on social media and update when possible.
- Strengthen and update any passwords.
- Do not click on suspicious email links, such as from unknown senders.
- Alert police immediately if you are the victim of cybercrime.
Include Zero–trust security policies to secure data
A growing security trend is the rise of zero-trust policies, meaning: “trust no one who tries to access data or secured systems”.
It has been shown that the majority of data breaches are caused by compromised credentials. Zero-trust policies are implemented by limiting access using minimal permissions.
One-time passwords and three-factor authentication will also have increasing importance. Passwords themselves may become obsolete with identity verification offering better protection.