Remote Work and Cyber Security: The 3 Biggest Threats Facing Legal Teams
Remote workforce steadily increasing
Over the past few decades, we’ve seen a steady increase in the number of employees working from home. The U.S. Bureau of Labor Statistics reports that on an average day nearly a quarter of Americans worked at home, as companies and employees from all sectors recognize the benefits.
The rise in remote work increases cybersecurity threats
A key role for in-house legal teams is protecting company intellectual property (IP) and helping manage enterprise risk. Yet, the legal department’s ability to do so is really challenged by remote workers, particularly at scale. That’s because the security mitigation techniques companies typically apply to remote workers usually ignore three key factors.
1. Companies can’t manage data risk beyond their perimeter.
Remote employees often work “off-network,” leaving companies essentially blind to file access and data movement. While remote work has steadily increased this past decade, companies still rely on a “secure the perimeter” cyber security approach. Focused on infrastructure, network and endpoints, such a traditional approach is rendered all but obsolete in the work-from-home world, where infrastructure, network and endpoints are far less relevant.
Exacerbating the challenge is that while most companies have remote work policies, they are difficult to enforce. This leads to inconsistent or low employee adherence. Indeed, reports indicate that only 10% of employees typically use a VPN when working remotely.
Without employees on VPN, most companies don’t have visibility into off-network file access and movement. Without such visibility, there is little that the company, let alone the legal team, can do to proactively ensure that company IP is protected.
2. Collaboration tools leveraged by employees present real data exfiltration risks.
It is easy to understand why collaboration tools like Slack, Google Drive and Dropbox have become commonplace in today’s workplace. They fuel innovation, speed decision making and facilitate employee interaction. Yet for all of the good things that come with collaboration tools — and there are many — they create risks as well. The more that collaboration tools are used, the more portable data becomes, and the more likely it is that data can be used or accessed in unauthorized ways.
So, while collaboration tools make it easier for remote workers to share files legitimately, they also make it easier to exfiltrate data, such as product ideas, source code and customer lists.
Another factor making the protection of corporate IP even more challenging is the widespread use of unsanctioned IT by employees. Code42’s 2020 Data Exposure Report reveals:
- WhatsApp (34%), Google Drive (30%), Facebook (29%) and personal email (26%) are the most commonly used unauthorized platforms for sharing files with colleagues
- Thirty-seven percent (37%) of workers use unauthorized apps daily while 26% use them weekly to share files with colleagues
The use of unsanctioned IT may be entirely well-intentioned as employees leverage tools simply to help them get their jobs done. But because this unsanctioned IT is largely invisible to the company, employees using it unwittingly create corporate security risks and potential IP exfiltration vectors.
3. The majority of data breaches are caused by insiders (whether malicious or not).
With so much emphasis on protecting companies from external cyber security threats, businesses ignore the most common source of data risk — their internal organization. Consider these facts:
- In the 2019 Data Exposure Report, security leaders indicated that employee actions were the primary reason for half of the intellectual property breaches occurring in the last 18 months. These breaches often take months to discover, investigate and respond to — usually after the damage is already done.
- The remote employee compounds the insider threat challenge: 36% of companies experienced a security incident due to unsecured remote workers.
Regardless of the motivation behind an insider data breach, whether negligent or malicious, sensitive data is leaving companies, and traditional data security prevention solutions are failing to sound an alarm. Over two-thirds (69%) admitted that their organizations suffered an insider data breach even though they had a prevention solution in place.
Despite these staggering statistics, insider threat programs are too often overlooked and underfunded — only 10% of security budgets are dedicated to insider threats.
The remote workforce requires a technology shift to address cyber security threats
With the remote workforce here to stay, businesses need to make significant adjustments to their data security approach. Companies need to be able to detect and examine how data files are moving across endpoints and cloud services. Without this, legal will struggle to protect company IP and help manage risk.
What can legal do to help ensure corporate data security fits in today’s remote work environment?
A secure remote workforce requires a cross-functional effort. To get started, work with key stakeholders across executive, security, IT and human resource teams to get answers to these critical questions:
- Do you have visibility into all employees’ off-network file activity?
- Do you know what data employees are moving, when they move it and where?
- When someone leaves your company, what do you do to ensure they aren’t taking confidential information with them?
- If one of your employees accidentally shared a file outside of your organization, how would you investigate to determine whether you had any reporting obligations to regulators or customers?
- Do you know what trusted and untrusted collaboration tools employees are using?