Companies are transitioning to hybrid work models, affording their employees more flexibility which, in turn, attracts more talent, improves retention, and encourages productivity.
The sudden, dramatic shift to remote work just a couple of years ago facilitated rapid digital transformations, virtualizing almost everything from paper documents to boardrooms to IT infrastructure. Digital transformation has brought significant benefits to organizations in all sectors, improving information management, workflow efficiency, and employee satisfaction, and enhancing client service. These key business benefits have become essential in an increasingly competitive market.
However, along with the added benefits come significant risks.
The Canadian Centre for Cyber Security reports that, since March 2020, nearly a quarter of Canadian small businesses have experienced some type of malicious cyber incident, and experts estimate the actual figure to be much higher.
As Canadian organizations transition to a more digitized, hybrid work model, with employees accessing systems from different locations and devices, they are exposed to more risk for three primary reasons:
1. Remote/hybrid employees have a larger attack surface, both digital and physical.
2. The complexity of managing a hybrid network and remote users, combined with the increased risk it presents, puts significantly higher demands on IT departments, which can result in critical security gaps in infrastructure.
3. The number of opportunistic and targeted cyber attacks has been on the rise since the shift to remote work, and experts expect this to continue.

The most common cyber attack on remote and hybrid workers

Cyber criminals use a variety of methods to attack businesses; however, phishing emails are the most common, as they exploit the primary vulnerability in the hybrid workplace – its employees.
Phishing emails are typically used for two primary objectives:
Credential theft
The goal of a credential-seeking phishing email is to convince the target to click a malicious link, visit the attacker’s website, and enter their username and password under the impression that they are logging in to a legitimate account, such as a bank or retail offer. Another method is to stealthily load keylogging software onto the user’s device, which then records and transmits their credentials back to the cyber criminals, effectively handing them the keys to the network.
Ransomware
Canada often ranks among the top countries impacted by ransomware, and in just the first half of 2021, the number of attacks increased by a shocking 151%. Opportunistic ransomware attackers send out phishing emails with links that, when clicked, launch ransomware on the user’s device. This is done quietly, without the user noticing, so that the ransomware can spread through their files and into shared network folders, encrypting and locking down data as it penetrates deeper. Oftentimes, organizations don’t know they’ve been infiltrated until they suddenly can’t access critical files and a notice pops up demanding a ransom payment.
There are other cyber attacks on remote users, including viruses, spyware, worms, and trojans. Strong endpoint protection can catch most of these; however, preventing system infection through phishing requires more than technology – it also requires employee attention.
If you’re interested in learning about how you can add a second layer of protection to your organization, consider Ricoh’s RansomCare.

What companies can do to protect themselves

Despite these challenges, businesses can – and should – act quickly to protect themselves and their employees from cyber threats. This is especially true for small businesses, which are at serious risk because cyber criminals view them as “low-hanging fruit.”
Organizations of any size can affordably protect themselves with enterprise-level security. Here’s where to start.
Change employee behaviours
Empower your employees to become your first line of defence against cyber threats. Educating them about the risks, how to spot a phishing email, and which cyber security best practices to follow will go a long way toward protecting your business. There are a number of cyber security training modules on the market, many of which offer testing and reports to ensure employees are engaged and vigilant.
Assemble your leadership and technology teams to define – in writing – policies and a plan to implement them. Policies should address user behaviour, alongside company practices, technologies, and education to support users and protect your data.
While the specifics will vary from one company to another, they should include technologies like endpoint and network protection. Your policies should also address basic security measures including:
– Passwords. Using strong passwords is a must. Passwords should be reset often, at least every 90 days. Weak passwords remain a problem for many businesses and individuals which, while understandable with so many passwords needed today, does create a security risk. You want to educate your staff on what constitutes a strong password, require password updates regularly using alerts to remind users, and share tools they can use to simplify password management.
– Use of mobile devices. Employees should not use personal devices for work-related activities. Company-issued devices should be secured with PIN codes or passwords. Company devices should also never be shared or used for personal activities.
– Education. Provide regular education to keep employees informed about current phishing scams and ransomware along with how to deal with suspicious notifications, emails, and other communications in a safe way. Education is an essential part of policy to ensure all employees understand and are aware of their responsibility to keep company information secure.

Secure your IT infrastructure

With a hybrid workforce, there are many technology options for staying connected. To keep your infrastructure secure, consider using the following:
– Multi-factor authentication. With multi-factor authentication (MFA), you add an extra level of protection around your network and data by requiring users to verify their login credentials in multiple, independent ways. For example, you could have a user provide a randomly generated code sent to their mobile device or email address to complete logging into a system, after they have already entered their username and password.
– Endpoint protection. Because of the increased risks that come with remote operations, hybrid companies should implement anti-threat systems that prevent, detect, and act on potential threats. AI-based solutions such as SentinelOne use machine learning to monitor the network and immediately recognize any unusual behaviours. Once an alert is triggered, security specialists can act quickly to remediate the problem and prevent damage.
– Secure traffic with VPN, firewall and switches. Implementing a virtual private network (VPN) provides employees with secured access to your network. Unless you have gone to a cloud application-only infrastructure, you must use a VPN to keep your data encrypted and your network secured. VPNs should be secured with next-gen firewalls that provide real-time reporting on threats that bypass endpoint protections. Hybrid Intelligence combines both human and machine learning to apply rules to specific applications and other functions that allow or deny traffic flowing through to the network.
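The second step described in the multi-factor authentication item above, a randomly generated code checked after the password has been accepted, is shown here as an added example (not code from the original article or from any product it names). The class name, the five-minute lifetime, and the three-attempt limit are assumptions, and delivery of the code by text message or email is left out.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300  # assumed lifetime of a code: five minutes
MAX_ATTEMPTS = 3        # assumed number of guesses allowed per code


class OneTimeCodeStore:
    """Issues and checks the one-time code used as the second login factor."""

    def __init__(self, clock=time.time):
        self._pending = {}   # username -> state of the outstanding code
        self._clock = clock  # injectable so that expiry can be tested

    def issue(self, username):
        """Call only after the username and password have been verified."""
        # secrets (not random) gives an unpredictable six-digit code.
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[username] = {
            # Keep only a digest so a leaked store does not expose live codes.
            "digest": hashlib.sha256(code.encode()).digest(),
            "expires": self._clock() + CODE_TTL_SECONDS,
            "attempts_left": MAX_ATTEMPTS,
        }
        return code  # hand this to the SMS or email sender, never to the browser

    def verify(self, username, submitted):
        """Return True only for a fresh, unused, correctly entered code."""
        entry = self._pending.get(username)
        if entry is None:
            return False
        if self._clock() > entry["expires"] or entry["attempts_left"] <= 0:
            del self._pending[username]  # expired or guessed too often
            return False
        entry["attempts_left"] -= 1
        submitted_digest = hashlib.sha256(submitted.encode()).digest()
        # Constant-time comparison avoids leaking how much of the code matched.
        ok = hmac.compare_digest(submitted_digest, entry["digest"])
        if ok:
            del self._pending[username]  # single use: a replayed code fails
        return ok
```

The expiry, the attempt limit, and the single-use deletion are what keep a six-digit code from being guessed or replayed.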
To get a clear picture of your business risk and identify any gaps in your IT security, consider booking a security assessment with Ricoh.