Jun 01, 2023
According to a Digital Defense Report published by Microsoft in 2021, the private industry's support of remote work, in addition to factors introduced by the COVID-19 pandemic, has made remote workers a lot more susceptible to the actions of cybercriminals. Per the 2021 Microsoft report, "While most industries made the shift to remote work due to the pandemic, it created new attack surfaces for cybercriminals to take advantage of, such as home devices being used for business purposes."
As you can infer, for companies that employ remote workers, it is important to implement training measures that teach them all about various cybersecurity dangers. But what should the training process look like?
Let's explore some areas of consideration for your training process. These suggestions have been put forth by SANS Security Awareness in its Security Awareness Deployment Guide that covers how to securely work from home. The SANS guide outlines the core cybersecurity risks that remote employees are most likely to face as they work from the comfort of their homes.
Risk No. 1: Social engineering attacks
Social engineering attacks are one of the most dangerous and frequent risks that remote workers face while on the job from home. In essence, social engineering risks refer to situations where remote workers face psychological attacks. In these instances, the social engineering perpetrator tricks remote workers into making mistakes.
The perpetrators do this by taking advantage of vulnerabilities that remote workers deal with during difficult times involving a lot of change. You can think of the COVID-19 pandemic as a prime example of a time when social engineering risks were very prominent.
However, rather than focusing strictly on phishing attacks via email, it is important that employers pay attention to other modes of social engineering attacks, such as via text, over the phone, on social media and through the spread of fake news.
Risk No. 2: Not having strong passwords
A main cause of global data breaches is none other than weak passwords. Though not the only contributing factor, weak passwords put remote workers at risk of having their information stolen or compromised. To counter the likelihood of your remote employees being subjected to data breaches, make sure you train them on the importance of strong passwords and how they can reduce password-related risks.
During the training period, consider addressing the following points:
Risk No. 3: Using outdated systems instead of updating them
Something else to keep in mind is that out-of-date technologies are gold mines for cybercriminals who want to target remote workers. To combat this, take measures to ensure that the operating systems, online applications, mobile applications and other forms of technologies that are used by your remote employees are always updated.
Also, remote employees who use their own personal devices for work-related tasks should be advised about the importance of keeping their systems updated too. For example, remote workers can enable automatic updates, which is especially helpful if updating devices is something your remote workers put off or forget to manually do.
3 more cybersecurity topics to cover in training
For starters, you'll want to let your employees know about the importance of identifying and addressing suspicious online activity. Let your employees know what suspicious activity looks like and how they can report any suspicious activity they see.
From there, let your employees know that if they work remotely outside their own homes, they are still in harm's way given the public nature of their workplace. As such, make sure they consider the cybersecurity threats associated with their daily work routines.
Finally, inform your remote workers about the importance of keeping their work-related technology private. Relay the fact that they should not let unauthorized persons access their work-related technology, including family and friends.
Make it a point to offer cybersecurity training to all remote employees
Training new remote employees on all things cybersecurity during orientation is always a wise idea. For remote employees who have been with your company for a longer period of time, make sure you provide training periodically so that your long-term remote employees are educated on critical cybersecurity developments as they arise.
To ensure that the training you provide to your employees is accurate, up to date and thorough, consider hosting training sessions that are led by remote-work cybersecurity experts.
©2023
Aug 29, 2025
Once, employees approaching retirement age could look forward to a long, relaxing post-work life. For much of the 55+ crowd, this is no longer the case, with many forestalling retirement for as long as possible. Read through for advice on employing silver workers in your organization.
Aug 28, 2025
For any company to treat their employees with respect and fairness, it needs to have a transparent pay equity policy in place that is shared with all employees. Read through to understand why creating pay equity is beneficial to your organization.
Aug 27, 2025
Thanks to a new federal income tax deduction provided by the One Big Beautiful Bill Act, many workers who put in extra hours will be able to keep more of their earnings. Read through to see who qualifies, how much could be saved and what the limits are.
Aug 26, 2025
A new federal law may allow millions of tipped workers to keep more of their earnings starting in 2025. Read through to find out who qualifies, how much could be saved and what to watch for.
Aug 25, 2025
Did you know that federal and state laws prohibit the use of immigration or citizenship status when making employment decisions? Read through for insights into how to approach immigration-related matters in a lawful way.
Jul 31, 2025
Employers conduct exit interviews with departing employees during the final days of offboarding. If done right, these interviews can be a source of valuable information to help the company improve.
More News & Press can be found in our Archive.
