SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image

Remote work trends spark new cybersecurity strategies

Thu, 28th Nov 2024

Cybersecurity and data storage trends for 2025 envisage significant shifts in organisational practices to accommodate remote working and evolving threats.

According to Jon Fielding, Managing Director, EMEA for Apricorn, the ongoing cybersecurity skills gap will lead to more organisations adopting remote work to harness a global talent pool. This change not only assists companies in recruiting skilled security professionals without geographic limitations but also introduces new security challenges that require consistent, enforceable security policies and secure data management practices.

Fielding suggests that one effective way to securely empower remote workers is by providing them with corporate IT environments on bootable USB sticks. These sticks can host a secure operating system that isolates corporate data and applications from the personal devices of employees, effectively reducing the risk of malware or unauthorised access. "By ensuring that remote employees operate within a controlled IT environment, organisations can maintain tighter control over security protocols while offering flexibility and ease of use," he notes.

In remote work environments, shadow IT remains a significant concern.

The utilisation of unauthorised devices and applications can pose substantial risks. Fielding indicates that in 2025, organisations are expected to increasingly implement Endpoint Detection and Response (EDR) solutions to secure unapproved devices accessing corporate networks remotely. He stresses the importance of securing portable storage devices, locking down ports to only accept corporately approved devices, and enforcing strict device usage policies to mitigate the risks associated with shadow IT.

Data residency issues and decentralised backup strategies will also feature more prominently as hybrid and remote work continue to prevail.

Fielding anticipates the adoption of decentralised backup strategies that combine cloud storage with secure offline local backups to meet data residency and regulatory requirements. "By diversifying storage methods and leveraging robust backup protocols, businesses can protect themselves against the dual threats of cyber attacks and regulatory non-compliance," he comments.

The sophistication of phishing attacks is expected to escalate with a new wave of AI-driven phishing attempts that are particularly targeted and convincing.

These AI-crafted attacks use user behaviour, communication patterns, and language nuances to create highly personalised phishing messages. Fielding highlights that this trend poses particular risks for remote workers using portable devices and underscores the need for advanced endpoint security protocols, combined with user training and secure hardware like encrypted USBs, to defend against such threats.

Fielding further stresses the importance of implementing and enforcing stringent data handling, transfer, and storage protocols, driven by new and ongoing regulatory requirements such as the EU's NIS 2 Directive and the UK's forthcoming Cyber Security and Resilience Act. These regulations mandate high standards for data security and necessitate secure data movement between devices and locations, making hardware-encrypted storage solutions crucial.

This evolution in data security and management policies aims to balance the flexibility offered by remote work with the security standards necessary for compliance. Organisations will be compelled to ensure employees adhere to strict protocols that protect data integrity and prevent unauthorised data movement across devices.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X