Dive Brief:
- Almost every IT professional, 92%, in an OpenVPN survey recognized the benefits of remote work, but almost that many said the perk comes with security risks, and more than half said the risks are greater than those for onsite workers. OpenVPN polled 250 IT leaders at the managerial and C-suite levels for their views on the growth of remote work and quality of remote-work policies in their organizations.
- The survey found 73% of VP and C-suite IT leaders think remote workers present a greater risk than onsite employees, while only about half of IT managers and IT directors thought so. Although nearly all survey respondents have a policy in place, OpenVPN said restrictions should apply, such as making VPNs and password managers mandatory and prohibiting remote workers from using their personal devices for work to protect employers' proprietary information.
- OpenVPN recommended that employers lower their security risk by regularly revisiting their policies for continuous improvement, letting IT take the lead role in developing a security policy and actively enforcing those policies.
Dive Insight:
No one understands the risk of cybersecurity breaches better than IT professionals. Organizations rely on them to alert the workplace when threats occur and instruct workers in how to spot and avoid attempted breaches — just as employers rely on HR to cultivate a deep understanding of workers' needs and motivations.
Therefore, HR and IT professionals must work together to create cybersecurity policies, design employee training programs and communicate their rationale for both to workers.
With remote work and other flexible work arrangements more ideal for many candidates and more ubiquitous in workplaces — and with employees' penchants for using personal devices for work — it's essential for HR and IT to ink cybersecurity policies that reflect this change together.
Employment experts talk about the need to establish cultures of learning, cultures of inclusion and cultures of wellness in the workplace. In a similar way, striving for a culture of cybersecurity can help HR and IT incorporate cybersecurity holistically into all of of an organization's operations.
In an October report from the Information Systems Audit and Control Association, only 5% of 4,800 business and technology professionals thought their cybersecurity cultures were as advanced as they should be. HR has expertise in building cultures and can partner with IT to make cyber safety central to an organization's values.