How To Tackle Cybersecurity In A Hybrid Work Environment: A Cybersecurity Report


June 7, 2021 by Siobhan Climer and Mishaal Khan

This article was originally published in March of 2020.

Last year the world dealt with the global coronavirus pandemic. Health officials across the globe recommended social distancing and quarantining and greater attention toward basic hygienic practices. To facilitate the former, thousands of businesses embraced – wherever possible – remote work environments. Now that we are coming out the other side of this, hybrid models seem to be gaining traction.

Remote work increased 140% between 2005 and 2019.

cybersecurity in a remote work envrironment


In September 2019, we reported that more than 25% of Americans work remotely part of the time. The outbreak of Covid-19 prompted many employers to shift to a remote work environment to limit the spread of the virus, and the number of U.S. workers that engaged in a work-at-home or remote work role has grew tremendously as a result.

While there are many benefits to remote work, including greater productivity, lower operating costs, improved recruitment, and reduced carbon emissions, there are also numerous challenges.

One challenge companies face when moving to a remote work environment? Cybersecurity.

cybersecurity in a remote work environment


The Why: Remote Work Increases Cybersecurity Risk


Remote work without the added complexity of a global pandemic can increase cybersecurity risk – all on its own. With employees dispersed over multiple locations using unknown devices to send and receive sensitive data, the risk to the company grows immensely.


The Risk Increases With Crisis


From the now prolific Covid-19 Map Malware to scammers in the Midwest going door-to-door with fake “at-home Covid-19 testing kits”, criminals were quick to latch on to the coronavirus outbreak.

Figure 1: Recent News And Headlines Around Covid-19 Scams

cybersecurity in a remote work environment


As Flavius Plesu, founder and CEO of human risk intelligence firm OutThink told ZDNet,

“At times of crisis, hackers see opportunity.”

In one heartbreaking case, cybercriminals attacked a Covid-19 test and treatment hospital in the Czech Republic, forcing the hospital to shut down its entire network, reroute acute patients to a different hospital, and even postpone urgent surgeries.

Cybercriminals are expert social engineers who use fear and uncertainty to bait and attack unknowing victims. An event that impacts the globe, as in the case of Covid-19, provides an incredible opportunity for these criminals.

cybersecurity in a remote work environment


The Challenge: Cybersecurity In A Remote Work Environment


As we alluded to earlier, there are numerous challenges in a remote work environment. From an IT perspective, the encompassing perimeter security layer is erased, leaving the internal network and everything it houses at increased risk.

In fact, a recent OpenVPN study reported that 90% of IT professionals believe remote workers are not secure.

The 7 Layers Of Cybersecurity: What Happens If The Perimeter Is Gone?


cybersecurity in a remote work environment


With the perimeter layer absent, humans – both malicious outsiders and negligent insiders – have near-direct access to the interior security layers. For some enterprise organizations, they may have already taken steps to embrace edge computing; however, for many this security layer is instrumental in protecting mission-critical assets.

New call-to-action


The How: Tackle Cybersecurity In A Hybrid Work Environment


With the need to move employees to a hybrid work environment, businesses are forced to take on this added cybersecurity risk.

So, how can they make this necessary change securely – and fast?

cybersecurity in a remote work environment


Step 1: Get Strategic About Resources


Resources are going to be limited. Whether its VPN access, bandwidth, extra monitors, or the IT department’s time and people, a swift shift to a remote work environment is going to strain the team.

Determine what a minimally viable remote work environment requires and procure those resources first.


Step 2: Cover The Basics …


Anti-virus software, secure Wi-Fi, employee training – make sure the fundamentals are covered so employees are secure in their environments.

Make sure employees know to lock their computer screens if working in shared spaces (even if that’s at home).


cybersecurity in a remote work environmentStep 3:  … And Write Them Down


Ensure every employee has received (and read) your Work-at-Home or Hybrid Work Security Policy. Don’t have one? Make one. Even hardened cybersecurity experts click on phishing emails and fail to backup data. Start developing a cybersecurity culture at all levels.


Step 4: Secure The Network – Wherever


If you do not already have a VPN, get it now. An extended remote work environment means most employees will need to access network assets at some point. Ensure they do so securely with a VPN.


Step 5: MFA, Email Security, Content Filtering – And More


cybersecurity in a remote work environmentNow’s the time to harden your security controls. As Ira Winkler, President of Secure Mentem says, “It’s a ridiculous business decision to rely on the discretion of a minimally trained user to thwart a highly skilled sociopath, financially motivated criminal, or nation-state.”

Don’t put the onus of cybersecurity on your employees. This is the time to assess, test, and harden your security posture to reduce overall risk in a remote work environment.


Step 6: Get Help


With strained resources and a seemingly constant in-flux state, you might need help. Mindsight feels it is our duty at this time to assist not only our loyal customers, but anyone in need of assistance in implementing remote work technology, structure, and security policies.

We’re here to help. Reach out today to start the conversation around how you can improve cybersecurity in a remote work environment.


Like what you read?

About Mindsight

Mindsight is industry recognized for delivering secure IT solutions and thought leadership that address your infrastructure and communications needs. Our engineers are expert level only – and they’re known as the most respected and valued engineering team based in Chicago, serving emerging to enterprise organizations around the globe. That’s why clients trust Mindsight as an extension of their IT team.

Visit us at

About The Authors

Mishaal Khan, Mindsight’s Senior Security Solutions Architect, has been breaking – and thankfully – rebuilding computers for as long as he can remember. As a Certified Ethical Hacker (CEH), CCIE R&S, Security Practitioner, and Certified Social Engineer Pentester, Mishaal offers insight into the often murky world of cybersecurity. Mishaal brings a multinational perspective to the business security posture, and he has consulted with SMBs, schools, governments, and global enterprises, seeking to spread awareness in security, privacy, and open source intelligence.

Siobhan Climer writes about technology trends in education, healthcare, and business. With over a decade of experience communicating complex concepts around everything from cybersecurity to neuroscience, Siobhan is an expert at breaking down technical and scientific principles so that everyone takes away valuable insights. When she’s not writing tech, she’s reading and writing fantasy, hiking, and exploring the world with her twin daughters. Find her on twitter @techtalksio.

How Cisco Umbrella Stops Command and Control Attacks

Related Articles

View All Blog Posts

Contact Us
close slider


Fill out the form below to get the answers you need from one of Mindsight's experts.

hbspt.forms.create({ portalId: "99242", formId: "dfd06c5c-0392-4cbf-b2cb-d7fb4e636b7f" });