Jun 01, 2023
According to a Digital Defense Report published by Microsoft in 2021, the private industry's support of remote work, in addition to factors introduced by the COVID-19 pandemic, has made remote workers a lot more susceptible to the actions of cybercriminals. Per the 2021 Microsoft report, "While most industries made the shift to remote work due to the pandemic, it created new attack surfaces for cybercriminals to take advantage of, such as home devices being used for business purposes."
As you can infer, for companies that employ remote workers, it is important to implement training measures that teach them all about various cybersecurity dangers. But what should the training process look like?
Let's explore some areas of consideration for your training process. These suggestions have been put forth by SANS Security Awareness in its Security Awareness Deployment Guide that covers how to securely work from home. The SANS guide outlines the core cybersecurity risks that remote employees are most likely to face as they work from the comfort of their homes.
Risk No. 1: Social engineering attacks
Social engineering attacks are one of the most dangerous and frequent risks that remote workers face while on the job from home. In essence, social engineering risks refer to situations where remote workers face psychological attacks. In these instances, the social engineering perpetrator tricks remote workers into making mistakes.
The perpetrators do this by taking advantage of vulnerabilities that remote workers deal with during difficult times involving a lot of change. You can think of the COVID-19 pandemic as a prime example of a time when social engineering risks were very prominent.
However, rather than focusing strictly on phishing attacks via email, it is important that employers pay attention to other modes of social engineering attacks, such as via text, over the phone, on social media and through the spread of fake news.
Risk No. 2: Not having strong passwords
A main cause of global data breaches is none other than weak passwords. Though not the only contributing factor, weak passwords put remote workers at risk of having their information stolen or compromised. To counter the likelihood of your remote employees being subjected to data breaches, make sure you train them on the importance of strong passwords and how they can reduce password-related risks.
During the training period, consider addressing the following points:
Risk No. 3: Using outdated systems instead of updating them
Something else to keep in mind is that out-of-date technologies are gold mines for cybercriminals who want to target remote workers. To combat this, take measures to ensure that the operating systems, online applications, mobile applications and other forms of technologies that are used by your remote employees are always updated.
Also, remote employees who use their own personal devices for work-related tasks should be advised about the importance of keeping their systems updated too. For example, remote workers can enable automatic updates, which is especially helpful if updating devices is something your remote workers put off or forget to manually do.
3 more cybersecurity topics to cover in training
For starters, you'll want to let your employees know about the importance of identifying and addressing suspicious online activity. Let your employees know what suspicious activity looks like and how they can report any suspicious activity they see.
From there, let your employees know that if they work remotely outside their own homes, they are still in harm's way given the public nature of their workplace. As such, make sure they consider the cybersecurity threats associated with their daily work routines.
Finally, inform your remote workers about the importance of keeping their work-related technology private. Relay the fact that they should not let unauthorized persons access their work-related technology, including family and friends.
Make it a point to offer cybersecurity training to all remote employees
Training new remote employees on all things cybersecurity during orientation is always a wise idea. For remote employees who have been with your company for a longer period of time, make sure you provide training periodically so that your long-term remote employees are educated on critical cybersecurity developments as they arise.
To ensure that the training you provide to your employees is accurate, up to date and thorough, consider hosting training sessions that are led by remote-work cybersecurity experts.
©2023
Jan 15, 2026
Are you paying too much for paid time off? Read through to discover a way to cut PTO costs without cutting back on employee benefits.
Jan 14, 2026
The Department of the Treasury and the Internal Revenue Service are providing guidance on OBBBA-expanded Health Savings Account eligibility that allows more people to save and pay for healthcare costs. Read through for more details to help you file accurately.
Jan 13, 2026
It's absolutely essential to distinguish between independent contractors and employees. The penalties for making a mistake here can be severe. Read through for a quick guide to make right.
Jan 12, 2026
It's important and complex: the annual change notice for mileage rates for business. The rules can get confusing, and there are choices you need to make based on your situation. Read through for an overview of how the deduction rules work.
Dec 18, 2025
The One Big Beautiful Bill Act, signed into law on July 4, 2025, introduced a significant change to business taxes by making it permanent for businesses to deduct 100% of the cost of certain assets in the year they are purchased. Read through for an introduction to what this means, why it matters and how it works.
Dec 17, 2025
The One Big Beautiful Bill Act, recently signed into law, extends most of the Tax Cuts and Jobs Act’s provisions, adds new tax laws, and ends some tax provisions. The new rules are complex and controversial. Read through to see how they may affect you.
More News & Press can be found in our Archive.
