21 October 2021

Threats to your organisation of returning to a physical office

As we move back to a world where COVID’s impact is less and less pronounced, there is a possibly unexpected issue raising its head to companies worldwide. We’re aware of the threats inherent in moving a workforce to a remote-working model (which were (hopefully) on everyone’s radar from March 2020), but what of the concerns of these employees all coming back to the office?

The successful roll-out of the vaccine in the UK means that many workforces are returning to the office (albeit on a part-time basis in many examples), but with this brings a series of questions/challenges to be tackled:

  • Numerous devices reconnecting to your corporate network after spending nearly 2 years sat on insecure home WiFi networks.
  • Lapsed security etiquette in workers who have had remote-working habits ingrained into them.
  • Rushed implementation of apps/IoT devices to assist with planning the movement of staff members in a post-covid, semi-socially distanced environment.

So firstly, the issue of laptops, phones, tablets all queuing up to reconnect to your company network – there will inevitably be an increase in the instances of infected devices, and even more problematically is the “long-game” tactics of cyber criminals. They are too savvy to alert your security analysts to their presence by immediately rushing around your network from server to server – they are far more likely to take their time and lay dormant for an extended period.

Then we have the concern of security best practice not being at the forefront of your workers’ minds. For instance, the muscle-memory of good security habits will have surely have weakened. Simple everyday tasks such as travelling to meetings, or to the office itself on a Monday morning present the real-time threat of fellow commuters looking over your shoulder at your data or even stealing the device itself if you have, understandably, got out of the habit of being vigilant about these matters.

Finally, once your workforce has returned to an office environment, you may have deployed some steps to ensure your office is covid-safe (ie, real-time tracking of people’s movements, desk booking, contact tracing etc). While the intention of these implementations are indisputably good – they will have been ‘built’ and implemented quickly, making them susceptible to breach. The possible damage here can range from minimal to high depending on the sensitivity levels of the data being captured.

Fortunately, IRM are superbly placed to assist you in making your physical environments safe again. We offer an entire suite of testing, auditing and best practice ranging from device auditing, network infrastructure testing, physical security testing, ISO compliance auditing, application testing and much more.

Get in touch today to find out more.