Five recommendations for data security in hybrid work

Five recommendations for data security in hybrid work

Cristina Moldovan, Business Development and Sales Manager for Endpoint Protector by CoSoSys, explains how to maintain data security in companies that have chosen the hybrid work model.

Cristina Moldovan, Business Development and Sales Manager for Endpoint Protector by CoSoSys

One of the new work policies that emerged with the pandemic was hybrid work. According to the 18th edition of the Robert Half Confidence Index, the model will be used in 2022 by 48% of the companies surveyed.

Many organizations such as Google, Facebook and Salesforce have announced plans to combine remote work with time in the office.

In addition to the opportunities, embracing a hybrid work model presents several challenges, such as providing employees with the right technology and implementing new policies to manage the team.

The way of working becomes mobile using devices and networks that lead to greater adoption of cloud collaboration technologies for the sharing of potentially confidential information between colleagues. It creates new cybersecurity challenges for businesses.

Here are some recommendations to ensure the security of this hybrid work model and also balance accessibility for companies.

1. Strengthen device security: Employee devices for work-related tasks should be kept up-to-date with the latest antivirus to reduce the risk of external threats. For risks originating within the organization, a Data Loss Prevention (DLP) solution must be implemented to minimize the risk of data loss, leakage and theft.

2. Optimize productivity and collaboration: In a hybrid workspace, it’s crucial for business to balance collaboration security and employee productivity. Without proper controls, collaboration tools can expose your organization to risk. Internal threats are  present when the team uses workflow collaboration tools. They can take different forms, for example, accidentally sharing a customer database, intentionally disclosing company business plans or sending sensitive data to the public cloud. DLP solutions with content-aware protection capabilities can help to reduce these security risks by monitoring and blocking sensitive data being shared.

3. Adopt Zero Trust: ‘Never trust, always verify’ is the basic principle of Zero Trust and means that there is no implicit trust granted to networks, systems or data. If the organization adopts a hybrid model, it means a mobile workforce and the need to protect people, devices, applications and data, regardless of their location. In this case, DLP solutions support the Zero Trust concept and everything is blocked, allowing access to content according to the needs of each employee.

4. Secure cloud-based solutions and services: These are often used in hybrid work environments as they offer flexibility, accessibility and scalability. Some of the best practices for protecting information in these environments are monitoring, controlling and limiting file access, keeping network security up-to-date and using strong passwords. Another strategy involves encrypting sensitive data before transferring it to the cloud.

5. Train the workforce: A new work model emerges with new threats and demands that require awareness. It means that security efforts are incomplete without employee training. For example, if a company wants to remain as efficient as possible in a flexible working environment, it should consider (re)training employees, especially those  working in a hybrid or fully remote model. One tip is to focus on the threats they need to be aware of, as well as cybersecurity best practices they need to know about.

Browse our latest issue

Intelligent CXO

View Magazine Archive