In March of 2020, thousands of organizations sent their employees home. In the United States, the novel coronavirus outbreak very quickly turned from international news into active concern about how to prevent the spread of a highly infectious virus. Many employers can support remote work, but with such a large-scale and abrupt transition, what long-term risks present themselves?
Cybersecurity poses the most obvious threat. Tessian’s Back to Work Security Behaviors Report found that 56% of IT leaders believe employees have picked up bad cybersecurity behaviors since working from home. Confirming this speculation, nearly two in five employees (39%) admitted that the cybersecurity behaviors they practice while working from home are different from the behaviors practiced in the office.
Aside from potential issues related to employee cybersecurity hygiene, home networks typically don’t have the same level of security as corporate ones. Multiple users and in-home smart devices are just a few examples of potential network entry points. When most staff members are working from home and not subject to standard security practices or safeguards, organizations need to consider potential vulnerabilities and take steps to manage elevated cybersecurity risk, while ensuring that employees follow security policies and protocols.
Related Reading | Top Cybersecurity Concerns for CISOS >
Along with cybersecurity, physical security and the exposure of sensitive data become potential issues with an increased number of people working from home or in public spaces. Most office buildings are relatively secure, but with laptops and other devices in use outside of that controlled environment, organizations take on additional risk.
A remote workforce can also expose data to a wider range of eyes and ears. This risk calculation increases dramatically if employees work in a public setting like a coffee shop or library, where bad actors could try to obtain sensitive data or compromise equipment.
Conduct failures, culture breakdown, and fatigue are other more subtle risk factors associated with a work-from-home environment. Remote work practices are undoubtedly more casual — with frequent interruptions from children and pets and the new business casual attire of a dress shirt paired with pajama pants. However, as this pandemic approaches its second full year, what effect have these sorts of interactions had on the overall professionalism and engagement of the workforce?
Are new hires being presented with poor examples of corporate culture and conduct? Are employees picking up habits that don’t align with organizational policies? Recent research indicates that “the pandemic and the subsequent shift to a virtual work environment has played a pivotal role in the rise in behavioral misconduct” ranging from harassment to health and safety failures.
Fatigue and mental health are also real concerns. The Society for Human Resource Management (SHRM) reports that nearly 70% of professionals who transitioned to remote work because of the pandemic say they now work on the weekends, while 45% say they regularly work more hours during the week than they did before, according to survey data from staffing firm Robert Half.
As many employees navigate blurred lines between work and home, pandemic-related health concerns; at-home childcare, schooling, or other family commitments; and other pressures, employers need to consider how to support their workforce and reduce the risk of burnout. “The pandemic has pushed companies to prioritize employee experience,” said Paul McDonald, senior executive director at Robert Half. “Savvy employers are making lasting changes to support their staff’s needs and well-being, such as providing greater autonomy and flexibility.”
Flexible working arrangements can provide many benefits for both employees and employers. However, working from home may negatively impact company culture, engagement, and security if not approached with care and risk-based decision-making.
Rather than letting these potential work-from-home risks compound over time, organizations need to make efforts to assess, manage, and mitigate them.
Read Next | Cultivating a Risk Culture: The People >