Cloud computing, along with the rapid rise of mobile technologies, has transformed the way we work. Any location can become the office; airports and train stations, restaurants and cafes, it really doesn’t matter as long as an internet connection is available. This provides users round-the-clock connectivity to their work and unshackles them of both the geographical and logistical constraints of a typical office.
It also provides the flexibility for users to manage their working hours around their schedules. For employers, it can support increased work rates and productivity, and also prove to be cost effective in certain scenarios; particularly in acquiring a remote workforce or decreasing real estate. With access to the same information and data as in the office, work can continue as normal.
However, remote access comes with its own set of security challenges that both employers and employees should be aware of. Let’s break them down and take a look at the precautions you should be taking.
When employees need to work remotely, they may think a good alternative to lugging around their office computer is to use their own device, however, this has the potential to cause huge security threats. Employees’ own devices will not be aligned to the same security practices or policies as company owned hardware. If their devices are compromised by malware, before or after accessing the cloud to work remotely, this poses massive security concerns for all the business systems. Also, if an employee leaves the company, this potentially allows them access to data and information they should no longer have access to, making this a particularly important consideration for employers.
If employees are going to use their own devices, businesses should consider implementing a ‘bring your own device’ policy to ensure security practices are upheld and access to data and intellectual property is controlled.
Home networks typically don’t employ the same level of security as corporate ones. They’re often set up for easy connectivity and sharing, and there’s no way of knowing if they even have basic level anti-virus installed. This poses a security threat because malware can spread more easily through any of the devices connected to the network, including the device used by an employee. If this device is also connected to the company’s network remotely, this can cause further damage, potentially escalating it to a much wider breach.
Public Wi-Fi is similar in its security concerns. Allowing multiple devices to access internet connections is now seen as a fundamental resource of public spaces, especially cafes and other hospitality venues, however, this can pose a huge security threat. As the network is open for all to use, anyone that has the network’s password can view the traffic. In other words, everything you are using the internet for is potentially open for viewing unless it is encrypted. This includes websites, applications, and of course potentially sensitive company data and information.
With untrusted networks, the best solution is fairly simple; don’t use them. Opt for unlimited data plans with mobile network providers and utilise your hotspot instead. But if you must use public Wi-Fi for any reason, consider using a VPN to mask your activities through encryption.
These features make connectivity quick and convenient for users. Automatic connectivity to Wi-Fi often happens in the background without the need for user intervention. However, devices will connect to any Wi-Fi name and password it recognises. This means an attacker can potentially set up a network with the same credentials and trick the device into connecting to it, posing a huge security threat.
Another security risk, particularly in mobile devices, is Bluetooth connectivity settings which automatically scan and connect to other devices. This setting can also be exploited.
It’s also worth mentioning here the functions that allow devices to share passwords and login credentials with other devices. This again creates unnecessary vulnerabilities and can help malware spread between devices. Although it may take slightly longer to connect or login, it’s a more secure option to disable these auto-connect settings.
It may seem obvious but working remotely means carrying or storing connected devices outside of the office. This poses the potential of loss or theft, and a stolen device in the wrong hands can be used to access company data and information, especially if the device is already logged in or saves login details. Always log out on connected devices, and never use login detail save functions. It’s worth considering and implementing encryption techniques to prevent unauthorised access to documents and data.
It’s also worth mentioning the theft of passwords through ‘shoulder surfing’. If someone is watching you enter your password, a real possibility when working in public spaces, it completely opens up the device or account to be hacked. It’s very important anyone entering a password in a public space is aware of their surroundings and who could potentially view them enter it. And of course, it goes without saying, do not use the same password across multiple accounts.
We hope this blog post has been useful. Working remotely doesn’t have to be dangerous if the correct security practices are enforced. If you have any questions, please don’t hesitate to get in touch.
Matthew is Secura’s content specialist, producing gripping, emotionally complex, edge of your seat, cloud hosting articles and videos.
Tweet me at: