Our last blog, “The OpSec Conversation You Haven’t Had,” highlighted the often-forgotten side of cybersecurity: operational security, or OpSec. The increase in remote work won’t stop anytime soon—research estimates that 36.2 million Americans will work from home by 2025. That’s an 87% increase from pre-pandemic levels. If your organization is starting to reevaluate its cybersecurity policies, a factor worth considering is the work-from-anywhere trend. Since employees can work from anywhere, they can protect your organization from anywhere.
Employees aren’t just staying home to avoid Covid. In a Pew Research study, 76% of remote workers continue to work remotely based on their personal preferences, while 17% cite a relocation away from the office. Digital nomads, a subset of remote workers who bounce around to different cities and countries as they work remotely, are also an expanding group. There are currently 35 million digital nomads around the world. As organizations like Spotify, Twitter, Okta, Pinterest, and many more become remote-first, evaluating how these moves can impact an organization’s security posture is imperative.
A recent survey by GBTA found that 46% of UK and US employees work for organizations that don’t have travel security policies. In most standard travel policies, there are rules around hotel and airline expenditure, but no policies around what employees should do if they lose company property or are involved in an emergency.
If your organization wants to put a travel policy in place, consider filling out a risk assessment matrix. When it comes to your organization’s security, which travel situations are likely to occur that could have a far-reaching security impact?
In the meantime, start educating your employees on ways to minimize OpSec risks while traveling. GroupSense developed a travel tip card for your organization.