Does isolation restrict remote worker security? – Part 1

CybSafe

We are CybSafe. We’re a British cyber security and data analytics company.

June 25, 2020

Research shows how “social learning” impacts security skills – and it says a lot about securing remote workers.

Remote working is here to stay. And there are benefits. But when it comes to security, remote working poses a problem.

Remote workers know less about security than people based in offices. 

Remote workers are less confident in their security skills.

And they’re less motivated to follow security policies.

In fact, CybSafe research shows 23% of people have used personal devices when working from home. 19% even delay video conferencing software updates. Why?

Sure, things like posters, desk-drops and security checks don’t boost remote worker security. But that’s only part of the story.

Because it turns out remote workers might be tough to secure…

Simply because they’re remote.

 

People learn from people

 

Remote workers work alone. And that’s a problem because people learn from other people. 

We learn from what people say. And what people do. And remote workers – from their home offices, local Costas or 12:34pm trains from Swindon to Paddington – don’t get much of a chance to learn from other people. 

So a few years back, security researchers looked into how isolation influences remote worker security.

 

Taking measures

 

The researchers measured people’s “vicarious experience” – ie, people’s observations of others. 

They also measured the level of security feedback people received. 

And they measured “situational support” – the extent to which people believed their environment aided security. (Because, according to social learning theory, mental states influence social learning.)

 

The conclusion

 

When the researchers crunched the numbers, it turned out their initial hunch was right. 

The more we observe the security skills of others, the greater our security skills. The more verbal security feedback we receive, the greater our security skills. And the more we feel our environment aids security, the greater our security skills.

The research revealed a major barrier to remote worker security:

Remote workers work alone.

 

How to respond

 

The conclusion is pretty damning. But we need to accept it.

Remote working is both on the rise and here to stay. And we need to improve security despite the constraint. 

That takes thought and creativity. But it can be done.

 

In part two of this post, we’ll look at how.

Post-pandemic, CISOs are overlooking an important cyber defence

Post-pandemic, CISOs are overlooking an important cyber defence

Following COVID, no CybSafe employee will be bound to a physical office. Instead, CybSafe will be joining the growing list of organisations “working from anywhere”. Not temporarily. Permanently. And not “working from home”. Working from anywhere. Questions about office hours and moving overseas quickly begin. They showcase people’s excitement. But they also highlight an interesting point – For months now, most security professionals have been desperate to “secure remote workers”. 

read more
We thought we needed to secure remote workers. We were wrong.

We thought we needed to secure remote workers. We were wrong.

Following COVID, no CybSafe employee will be bound to a physical office. Instead, CybSafe will be joining the growing list of organisations “working from anywhere”. Not temporarily. Permanently. And not “working from home”. Working from anywhere. Questions about office hours and moving overseas quickly begin. They showcase people’s excitement. But they also highlight an interesting point – For months now, most security professionals have been desperate to “secure remote workers”. 

read more