How remote work can improve cybersecurity
Imagine a house full of sophisticated locks, closed circuit cameras and a sophisticated security system. Yet the owner leaves the back door wide open.
This is exactly what is happening in the world of corporate cybersecurity. As organizations worry about the potential risks of remote working, new research suggests the real dangers lurk within the office itself, according to the findings of a groundbreaking study by the Farmer School of Business at the University of Miami (appearing in the July issue of the peer-reviewed journal Computers & Security).
That’s what the researchers discovered remote workers exhibit a higher level of cybersecurity awareness and take more security-related precautions than their office-based counterparts. That’s right, working from home apparently makes employees more vigilant when it comes to cybersecurity.
“When we surveyed remote workers, we expected the results to reveal cybersecurity complacency. But surprisingly, the study revealed remote cyber-vigilance,” the study author, Joseph K. Nwankpa, told me.
This surprising outcome can be attributed to the so-called “Peltzman effectand the complacency framework, on which the study is based to explore how remote work can create moral hazard with regard to employees’ cybersecurity awareness and taking safety-based precautions.
Remote workers tend to feel more responsible for their own cybersecurity, while office workers often are complacentrelying on their companies to handle cyber threats on their behalf.
Imagine being on a cruise ship with an impeccable safety record. You may feel so safe that you skip the safety drill and neglect to find out the location of the lifeboats. This is the complacency effect in action. Office workers, surrounded by the perceived safety of their company’s cybersecurity measures, are less likely to follow best practices and take necessary precautions.
The study cites previous research revealing how employees working within headquarters and borders trust their company to develop, maintain and update security controls to mitigate cybersecurity threats and risks. As a result, these employees are unaware or aware of security threats and issues, leading to a limited awareness of cybersecurity.
On the other hand, remote workers, such as sailors navigating stormy seas, understand that they must be constantly vigilant. This heightened awareness leads them to take more security-based precautions, ultimately keeping their company’s digital assets more secure.
Indeed, the human element of security is enhanced by moving to remote working.
“Our research found that working from the office within company firewalls and security perimeters drove employees to engage in high-risk cybersecurity behaviors, such as reduced cybersecurity awareness and taking precautions,” said Nwankpa. But “the move to remote work left employees feeling insecure, leading to increased cybersecurity awareness and cybersecurity precautions.”
The research model used in the study examined the impact of remote working on taking security-based precautions and the role of cybersecurity awareness in the relationship between remote working and taking security-based precautions. The data collected from 203 remote workers in the US provided strong support for the research model, indicating that remote work is positively associated with cybersecurity awareness and taking safety-based precautions.
In addition, the study found that as telecommuters become more aware of cybersecurity, they are more likely to adopt safety-based precautions. This reinforces the idea that promoting cybersecurity awareness among remote workers can lead to better protection of the organization’s information assets against threats.
Contrary to popular belief, the findings of this study show that remote working can actually improve cybersecurity. Companies can use this knowledge to their advantage by promoting remote working arrangements and fostering a culture of cybersecurity vigilance and responsibility among their employees.
Organizations should not shy away from embracing remote working arrangements as the research shows they can lead to better cybersecurity outcomes. By fostering a culture of trust, personal responsibility and cybersecurity awareness among remote employees, companies can empower their workforce to take necessary precautions and maintain a high level of vigilance, ultimately leading to a more secure digital environment.
;Resize=620)
