Despite the evident benefits of remote work, data security risks have increased in line with this new normal. The remote working environment can feel somewhat precarious to employees who understand the value of sensitive data assets but who feel more exposed to accidental or malicious data loss incidents at home. This article describes how data loss prevention helps to improve remote employee satisfaction by providing a robust safeguard against data breaches and accidental causes of unauthorized disclosure.
Remote Employees: The New Normal
The coronavirus pandemic rapidly accelerated the adoption of a long-predicted rise in remote work options for many employees. With a couple of years of data showing a minimal impact on employee productivity, companies embraced ongoing remote workforce arrangements, either as a hybrid model or fully remote. Recent statistics show 58 percent of Americans have the choice to work from home at least one day per week.
Remote team members easily communicate using messaging collaboration tools like Slack, social media platforms like LinkedIn, or video conferencing apps like Zoom for video call functionality and face-to-face contact. While in-person contact with co-workers remains valuable, many view it as unnecessary to work on-premise on a full-time basis.
An improved work-life balance is an obvious attraction for the retention of some kind of remote work arrangement. The lack of a commute easily saves a couple of hours per day for many people. These hours can then be spent on other aspects of employees’ personal lives that they view as important, such as hobbies or family time.
Remote Work and Cybersecurity Fears
Phishing Scams
Opportunistic hackers know that remote workers are more likely to fall for phishing scams without being able to get colleagues to verify the authenticity of requests or emails in real-time. It also seems that remote workflows and even the working environment might contribute to the success of phishing—47% of employees cite distraction as the reason for falling for a phishing scam while working from home.
While increased awareness about phishing prevalence is a good thing, it doesn’t exactly contribute to employee satisfaction when they remain on edge about every email they receive and whether it contains malware or links that might lead to data loss if clicked.
Unsecured Wi-Fi
The Wi-Fi networks that employees connect to while accessing company apps and data remotely aren’t necessarily secure. Risks include connecting to fake Wi-Fi hotspots where hackers can snoop on traffic, steal authentication cookies, and download data from business apps or systems.
When employees access legitimate public Wi-Fi networks at cafes or libraries, the networks are often open and easy to intercept information on. In 2021, a Tel Aviv researcher managed to break into 70 percent of 5,000 sample Wi-Fi networks in the city.
Using the Same Device for Work and Personal Computing
Ideally, remote workers would have their own work-specific laptops from which they connect to corporate assets. Unfortunately, a small business might not be able to afford this type of investment. At other companies, less stringent remote work policies allow for connecting to business data and apps from a range of employee-owned endpoints, including laptops, personal computers, and mobile devices.
Using the same device for work and personal computing feels inherently less secure. Employees are likely to feel limited in what software they should download for personal use or what websites they should access, even when they use computers outside of working hours. This can trickle into work hours and add tension to daily work activities.
High-Profile Data Breaches Involving Remote Workers
Increased media scrutiny around remote work-related data breaches also doesn’t help ease the cybersecurity fears of employees. Some of the following examples relate to either human error at home or hacks exploiting remote workspace tools:
- A hacker broke into video game maker Rockstar’s Slack channel in 2022 and managed to steal proprietary information relating to an upcoming video game.
- In 2021, hackers used stolen credentials to access an internal Slack channel at EA, exfiltrating 780 gigabytes of data in the process.
- The infamous Colonial Pipeline ransomware attack all started by hacking a VPN account, often used by remote workers to connect to IT apps and other business tools.
- A 17-year-old hacker broke into several famous Twitter accounts in 2020 by first compromising accounts belonging to Twitter employees who worked remotely and had access to internal tools.
Data Loss Prevention Meets Remote Work Challenges
Data loss prevention tools provide an effective way to protect your data against unauthorized sharing, transfers, or exposure. These tools work by discovering, monitoring, and protecting sensitive data assets. Ideally, you’ll want a solution in place that works across multiple operating systems, including Windows, Linux, and Mac to reflect the range of different devices and operating systems that remote workers use.
Look out for content-aware protection to take control at the endpoint and block transfers of data to risky areas like Google Drive or Slack channels. The ability to encrypt or delete data at rest on employee devices can ease employee concerns about remote work and the ways in which they could accidentally leave information exposed on their devices.
Overall, knowing that a best-in-class DLP tool is working in the background on their devices is likely to improve remote worker satisfaction. With a far reduced chance of accidental data loss or leaks, workers can focus on the tasks that matter without cybersecurity fears, while enjoying the perks of WFH.
Endpoint Protector offers remote work protection to prevent data leaks from mobile and remote employees.
Frequently Asked Questions
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.