Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Business

Best behaviour: How to do hybrid working securely

Best behaviour: How to do hybrid working securely

By Rasika Somasiri, cyber and data privacy expert at PA Consulting

Staff are returning to the office and it looks like hybrid working is the new normal

Almost 18 months since the start of the Coronavirus pandemic, many organisations are now beginning to return their people to the office in some capacity. However, the need to maintain a level of social distancing, coupled with the recognition that office space is costly and not always essential, has meant that thinking has moved on.

Many organisations have revisited their office footprint and as a result, hybrid working (splitting time between office and home) is fast becoming the new normal. Employers want the efficiency that it offers whilst employees are keen to retain the flexibility that they have grown accustomed to. A recent survey of 30,000 staff at Microsoft supports this, with 73% saying that they want flexible remote working options to stay.

We’ve picked up some bad cyber security habits whilst working from home

The problem is that we’ve picked up some bad security habits whilst working from home, that expose organisations to heightened risk if they continue into hybrid working practices.

The shift from office to home working was sudden. Many of us were faced with genuine challenges around how to make the model work, against the backdrop of a global pandemic that grew far faster than most of us were expecting. We faced pressing personal challenges like how we supported our kids’ learning whilst their schools were shut, or how elderly relatives got their groceries. Cyber security just wasn’t high enough on the agenda, and because of that, it suffered.

Laptops were left unlocked a little longer than they should have been. Response rates to phishing emails went up as we absent-mindedly followed interesting sounding links from email addresses that we didn’t recognise. Corporate laptops started being used by family members sharing the same Amazon Prime account. A recent research survey conducted by AT&T on workers in the UK and Germany found that 54% of employees are using corporate devices for personal reasons, with many admitting connecting to anything from smart TVs to fitness equipment.

Part of this behavioural change is linked to changing perceptions around work, and how we view the rules associated with it – when there isn’t that defined spatial separation between work and home. As we move further away from the closed corporate office environment, we feel less of a desire to comply with the rule sets that are associated with them. Put simply, the difference between working from the office and working from home is that we relax a little. From a cyber security perspective, this is risky.

Overlaying this change in behaviour with the fact that hybrid working is harder to secure (e.g. more locations, more devices and more varied working patterns) means a significant increase in cyber-attack risk. If we don’t address that change and correct it, that risk will persist.

We need to build on the things we have learned and raise our game

A lot of good has come from the changes to ways of working we have seen since the pandemic hit. Collaborative technology platforms like Teams or Zoom have massively increased the ability for remote colleagues to engage creatively, and we have all learned to be more flexible and supportive in how we work with each other.

We need to carry those things forward into the hybrid working world, but we need to do that on sound security foundations.

We need to remind ourselves of the commitments that we made when we signed up. That means dusting off IT policies that cover things like personal versus professional laptop use, and the security precautions that we need to take. If you can’t remember whether visiting home shopping sites or emailing friends is allowed, now is probably a good time to check with your technology or HR departments on authorised usage. If you are sharing the same password across multiple accounts, now would be a good time to stop.

Thinking about hybrid working, and what that means, is important too. Look at the relationship between personal devices (your phone, your computer or even your smart speaker) and data belonging to the organisation you work for, because in the main it is best if they are kept separate. If you aren’t used to taking your laptop home with you, think about how safe your personal bag is if it is ever left alone – and treat your work equipment with the same level of care. Try and avoid the temptation of emailing your Gmail account too, no matter how much you prefer your home PC.

Consider also where your information might be vulnerable and how an attacker might take advantage. The volume of phishing emails that purported to be from corporate helpdesks increased massively at the start of the pandemic, as attackers took advantage of the fact that end users were coming to grips with their new working arrangements and looking for help. Think carefully when an external email lands in your inbox. Has it been structured to arouse your attention or provoke fear or sympathy? Pause for a moment and reflect. Is the author trying to get you to do something you probably shouldn’t? Many of the phishing emails that are sent contain obvious spelling mistakes and grammatical errors, but they are getting better and we need to be ready for them.

Hybrid working is here, and it is here to stay. As we make the transition from home to hybrid, we should set ourselves up to take advantage of every opportunity that it offers, whilst at the same time ensuring that we do so safely.

References

  1. https://about.att.com/story/2021/att_cybersecurity_survey.html
  2. 25% of UK Workers Let Their Children Use Their Work Device – Infosecurity Magazine (infosecurity-magazine.com)
  3. https://yougov.co.uk/topics/economy/articles-reports/2021/04/13/one-five-want-work-home-full-time-after-pandemic
  4. https://www.microsoft.com/en-us/worklab/work-trend-index/hybrid-work

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post