As companies grow and the business landscape becomes more competitive, companies will increasingly see remote work and the flexibility it offers as advantages for both them and their employees.
For workers, remote work provides greater efficiency and lower stress levels, with 82% of telecommuters reporting less stress and 30% saying it allowed them to accomplish more work in less time. And for employers, remote work can mean decreased overhead expenses that come with maintaining a fully in-person workforce. In fact, the average business could save $11,000 per remote worker per year.
But there’s a catch: More remote employees likely means more security risk. To gauge IT leaders’ thoughts on this, OpenVPN recently surveyed 250 of them about the potential of remote work and the quality of their organization’s security policies surrounding remote workers.
The Risk and Reward of Remote Work
The study found that, overwhelmingly, IT professionals believe that the benefits of remote work outweigh the risks, as 92% of respondents agreed. But those surveyed also noted the increased risks: 90% believe remote workers pose a security risk in general, and more than half (54%) believe that remote employees pose a greater security risk than on-site employees. Because of this, many organizations are trying to take steps to mitigate the risks of remote work, but they’re often missing the mark in some crucial areas.
Struggling to Execute
Securing remote work should start with a formalized policy that applies specifically to remote workers and that dictates the technology remote employees should and shouldn’t use. Tools such as VPNs and password managers prevent remote workers from carelessly using dangerous public Wi-Fi networks or relying on the same simple password for every account and device (something we know from a previous OpenVPN survey that 25% of employees do). Impressively, though, 93% of organizations already had a policy like this in place.
But in addition to a detailed remote worker security policy, organizations should hold continuous cybersecurity education sessions for remote workers. And while 90% said their organization requires that remote workers take part in cybersecurity training, 25% do so once annually. For most, this level of frequency isn’t ideal.
How to Shut Down the Vulnerability of Remote Work
Cyberthreats are increasing rapidly—in terms of both volume and sophistication—and leaders need to get their security measures under control quickly. Here are three steps organizations can take to better handle remote worker security.
- Revisit your policy often. Organizations are prone to developing a policy and then considering the initiative complete. They don’t make an effort to revisit it routinely, even though the cybersecurity space becomes riskier all the time. Your security policy deserves a regular slot on quarterly meeting agendas among C-suite executives so that the organization can hold itself accountable at the highest level for continuous security improvement.
- Find the best way to enforce the rules. Nearly half (49%) of IT leaders say they only somewhat agree that remote employees adhere to remote work policies. Any deviation from the policy puts the organization at risk, so make it impossible for your remote workers to work around it with elements like VPNs and denied access for personal devices. As new measures are rolled out, IT representatives should hold live meetings with remote workers to illustrate how they can meet the requirements. Make sure remote workers aren’t left out of regular security training and that they take required courses at least biannually.
- Put the security experts in charge. Forty-four percent of organizations do not let IT teams take the lead role in developing the remote work security policy. While it’s tempting to simply “loop in” IT and believe security is prioritized, no one approaches things from a truly security-first perspective like IT. If security is an initiative’s main point, IT should be heading the effort.
There’s no stopping the adoption of remote work. The modern work trend offers many benefits to organizations, such as greater access to talent and increased employee engagement. But it also creates unique security challenges, which organizations across the board aren’t yet equipped to handle. The pace of remote work’s rise isn’t slowing for anyone, so organizations must prioritize refining their policies sooner rather than later.
|Francis Dinha is the CEO and co-founder of OpenVPN, a security-focused open source VPN protocol. With more than 50 million downloads, OpenVPN has been in the open source networking space since its founding in 2004. Its Private Tunnel service provides “last mile” security to millions of consumer mobile devices, doing everything from online purchasing to checking bank accounts.|