For many people, working remotely is the dream. Not only do you get to dictate your own hours, you’re also freed from the burden of commuting, being stuck in boring meetings all day, and engaging in awkward office gossip.
In 2017, the Bureau for Labor Statistics reported that over 21 million people held either contingent jobs — jobs that are not expected to last long or are otherwise temporary — or had alternative work arrangements (as independent contractors, on-call workers, temps, etc.). And with more and more companies offering work from home policies, there is a large portion of America that works remotely at least some of the time.
With that comes additional security risks. For example, an employee who decides to work from the comfort of the local Starbucks and relies on free, public WiFi to get work done is actually putting the security of their company at risk, thanks to the unencrypted and easily intercepted internet connection they are using. As more people choose to work from places that are not dedicated office spaces, or simply answering emails on their smartphone from malls or airports, these security risks will become an even greater hazard to companies both large and small, hence salaries for cybersecurity jobs have been increasing at a higher-than-average rate in recent years.
With employees today accessing company information from a variety of locations outside of the office, and on a variety of devices (cellphones, tablets, etc.) one slip can leave the entire business vulnerable to an attack. In fact, it’s incidences like these that are the primary cause of data breaches, which affect not only the company itself but also all its customers.
There’s another security issue that can affect contractors, too. Drivers for Uber, for example, are having their information collected and stored. Uber drivers are constantly sharing data about the rides they’ve given, the passengers they’ve ferried, and their physical locations while they’re on the job. Another company, Handy, which offers cleaning and handyman services, tracks the location of their contractors 4 hours before they’re scheduled for a shift and 2 hours after it’s been completed.
On top of that, these companies also require extensive background checks along with banking information for all their contractors; consequently, they end up sitting on a heap of extremely sensitive information that would be dangerous in the hands of the wrong person.
This brings us neatly back to the first security issue. When we’re out at a coffee shop working on projects, connecting to free WiFi that is easily intercepted by hackers, or we simply click a spammy link in a phishing email and infect our device with malware, the entire company’s data is at risk. The Uber driver and their location. The parent’s credit card details. The shopper’s username and password. All of this data is instantly now vulnerable.
Before the increase in remote workers, employees would generally work in the office, connected to a secure office network. Today, that’s no longer the case.
In 2016, Uber was the victim of a security breach, with a hacker gaining access to the personal information of up to 600,000 drivers. Instead of notifying the drivers that their information had been compromised, Uber decided to pay the requested ransom instead — and was later fined $148 million for its failure to disclose the hack.
This, and the hundreds of other breaches that occur all-too-regularly, is a serious security issue that needs to be addressed. Those who work from places that are not dedicated office spaces — their homes, the local coffee shop, airports, hotels, etc. — should be cognizant of the significant security risks they face, and take steps to mitigate them. These include using a VPN to shield your data from criminals whenever connected to public WiFi, being extra vigilant about phishing emails, and generally taking online security seriously.
Because it’s not just our data that’s at stake.