Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecurityCybersecurity News

Remote work lingers: Top 3 ways to keep employee devices secure

National Cybersecurity Awareness Month: Securing Devices at Home and Work

By Will Bass
NCSAM
October 14, 2020

Reflecting on the beginning of the pandemic, few people anticipated organizations would still be working remotely today. Quickly shifting earlier this year, IT teams worked swiftly to ensure that employees could access the necessary information to get their jobs done from home environments.

Today, as an increasing number of organizations, including top tech companies like Google, Twitter and Facebook, have announced extended remote work plans, IT teams must ensure employee devices are secured to sustain the long haul. With IT burnout high, user awareness low, and malicious activity rising, this is often easier said than done.

Below are my top three tips for IT teams to ensure employee devices remain secure as remote work looms.

 

1. Configure, monitor and protect remote devices and platforms

Ideally, before the pandemic began, IT teams would have had centralized administrator systems configured to manage all employee devices remotely. With a centralized system in place, administrators have access to what often amounts to thousands of devices through the corporate environment. But, for many organizations, this may not have been the case.

Today, most employees don’t have the luxury of stopping by their IT department’s office for help addressing an alert or computer crash, so issues may be missed. According to recent data, IT departments are receiving an influx of tickets, especially from mid-level employees, for hardware and software alerts and security and policy management.

Detecting device threats have become much more challenging for IT departments. Previously, if a hacker compromised a user’s system, the corporate infrastructure was equipped with various preventative and detective elements. While remote, though, organizations cannot always ensure employees work in a secure environment, making it that much more challenging to detect and prevent malicious actions on a user’s system.

In order to better address these remote difficulties, IT departments must configure their centralized administrator platforms if they are not already in place. Once configured, they should promote and ensure the use of the secure communication channels and use a zero trust strategy when possible.

Beyond this, IT departments must also address the bring your own device (BYOD) challenges. While at home, many employees will, at some point, use their personal devices to log on to corporate networks, especially if a corporate device breaks. But personal devices are not always secure. In fact, according to recent Flexential research, more than half of the people surveyed are concerned about their personal computing device getting hacked since COVID-19 started. With this in mind, if the organization has not achieved zero trust it’s especially important IT departments approach BYOD strategically.

To do so, IT staff should first implement multi-factor authentication for all employees accessing corporate networks. They should then create security checks to alert when a new device enters the network, and ensure this device is proactively checked by anti-malware software. They should also design remote access solutions using network segmentation to direct non-corporate devices to an isolated network. These networks should have different restrictions and limitations dictating what this device can do on the network once logged in.

 

2. Implement assessment strategies to identify the riskiest devices and users

In remote environments, it’s easy for employees to become lax in their security awareness and open their devices up to hackers. This is why, today, more than ever, security and awareness training is critical.

Throughout the pandemic, businesses of all kinds have seen an influx of cyberactivity, with impersonation attacks continuing to accelerate and ransomware simultaneously on the rise. Malicious actors know they have the opportunity to target individuals using fear tactics based on the latest news, like sending a phishing email specific to the latest COVID-19 or election update.

As such, organizations must continuously make sure employees know the latest threats on the horizon and educate them on what to look for. This means implementing short, consistent, specific and visual training practices. Training should be kept short so that employees do not zone out. Content should be specific to current concerns and spaced effectively instead of blasting employees with long, redundant cybersecurity information. Regularly sharing informative and interactive training content means cybersecurity becomes a part of every employees’ routines. IT teams should also use pictures and videos to make content more consumable.

Once training is in place, IT teams should implement specific assessment strategies to consistently identify the riskiest devices and users on the network. This includes regularly testing users with phishing simulations. By doing this, IT teams will get a better understanding of the specific devices that could potentially open the enterprise network to the most risk. They can then work with specific employees to better understand cybersecurity best practices and more frequently monitor activity on said device.

 

3. Re-evaluate your long-term security and data protection plans

Flexential’s data shows most organizations believe they will be working remotely for at least 5-12 more months. Knowing that many enterprise teams will either not return to the office until 2021, or will take a hybrid approach to remote and in-office work, organizations should take this time to update their long-term IT strategy. Also, since it’s budget planning season, now is the time for IT departments to shed light on the devices, tools, platforms and staffing needed to ensure their remote workforce is protected for the long haul.

Organizations should ask themselves the following questions: Do we need new or additional laptops for employees? Do we need to implement a new VDI or zero trust platform? Are we looking at a new video conferencing platform to help employees stay connected? Whether it’s hardware, software, or staff, all of these elements take funding and time. IT departments must coordinate with executive leadership to ensure this funding is secured.

It is also the time to evaluate how your enterprise data protection strategies have shifted with COVID-19 and remote work. According to recent Flexential data, almost half of individuals surveyed said their company has not made any process or technology changes to their data protection policies as a result of COVID and/or remote work. This points to a significant gap in companies that are not evolving their backup and disaster recovery plans during times like these when the vulnerability is heightened.

It’s critical organizations change their approach, strengthening their data protection and cybersecurity education policies. Organizations should be outlining how IT teams will physically access server rooms safely without exposure to COVID-19, how employees can access networks from home in the event corporate systems do go down, and ensuring the right plans are in place to recover from a ransomware attack or a disaster.

By effectively planning, organizations can approach remote security and data protection much differently than earlier this year when businesses were moving fast to shift employees to at-home environments.

 

Keep devices protected for the long haul

Remote work has opened corporate networks to a slew of vulnerabilities we have never experienced. It’s up to IT departments and enterprise leadership to ensure employees are well-equipped to keep their devices protected. Taking the time to plan now will ensure organizations working remotely for months and years to come are prepared and secure for the long haul.

KEYWORDS: COVID-19 cyber security information security Internet of Things (IoT) remote work

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Will bass flexential headshot

Will Bass is Vice President of Cybersecurity Services at Flexential Professional Services. As the VP,  Will leads the cybersecurity practice which provides security, risk, and compliance assessments, incident response, penetration testing, disaster recovery, and cybersecurity program management to customers across various industries. Will holds numerous certifications including CISSP, CISA, CDPSE, and PMP and has over 20 years of enterprise IT experience in cybersecurity, architecture, consulting, and infrastructure. Will can be found on LinkedIn and Twitter.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Red laptop

Cybersecurity leaders discuss Oracle’s second recent hack

Pills spilled

More than 20,000 sensitive medical records exposed

Coding on screen

Research reveals mass scanning and exploitation campaigns

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

November 17, 2025

SECURITY 500 Conference

This event is designed to provide security executives, government officials and leaders of industry with vital information on how to elevate their programs while allowing attendees to share their strategies and solutions with other security industry executives.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • NCSAM

    The future of connected devices

    See More
  • cyber remote work

    3 ways to ensure network security with a shift to remote work

    See More
  • cyber laptop2

    3 Ways to Get Endpoint Security Back Under Control in the New Remote World of Work

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing