Coworking: what the risks of this type of environment are and how you can protect yourself
From the look of things, we are finally approaching the end of the new coronavirus (SARS-CoV2) crisis, which imposed long months of social isolation and forced companies to have their employees work remotely. Now, in what the market calls the “new normal”, corporations are betting everything on the hybrid work model. In order to reduce operating expenses, professionals are working in smaller offices, and wherever and whenever they prefer.
This means that if a company used to need a floor or even an entire building to house hundreds of employees, today it only takes a few workstations and a meeting room, which will only be used occasionally, when an employee actually decides to go there. And, when thinking about this format, there is nothing more seductive than the good old coworking spaces — also called shared workspaces, where several companies reside simultaneously and share space.
In fact, coworking spaces are infinitely cheaper than conventional commercial rentals. You pay lower rents and can adapt your space as needed, increasing or reducing worktables as demand grows or decreases. This type of establishment also tends to offer some conveniences, such as printing services, high-speed internet, and even all-you-can-drink coffee — all included in your monthly fee.
Now, you might be thinking: “Okay, but where’s the 'but'?”. After all, there is always a “but”. In the case of coworking, this "but" are the specific information security risks that exist in this type of environment, and it’s important that both managers and employees are aware of the dangers that a coworking environment can pose for sensitive and confidential information security. It's a unique environment with particular characteristics.
Like an office, but more dangerous
First, remember we mentioned free internet? One of the advantages of shared offices is that you don't have to worry about contracting an internet provider — most coworking spaces offers include Wi-Fi in the monthly fee, freeing you from this additional cost. The problem is that, like all public Wi-Fi, you have to be very careful when using it. You never know who might be intercepting traffic coming in and out of your employees' computers. Because of this, a VPN is essential.
The clean table policy is also more critical than ever. If keeping papers and post-its with sensitive information at your workstation was already risky behavior in traditional offices, the danger increases exponentially in a coworking space, where the company working at the table next to you can be your direct competitor. Intellectual property, roadmaps, reports, customer lists, and other confidential documents could be stolen at the blink of an eye.
For the same reason, it is important to be careful never to leave your work post or your computer unlocked, as a malicious actor can take advantage of this slip. Physical attacks such as evil maid (in which the attacker inserts a malicious flash drive into the target machine to infect it with some malware or spyware) can occur at any time. If possible, whenever you need to be away from your workstation, take your laptop with you. There's not much you can do if you use a conventional desktop.
Beware of gossip
Finally, it’s worth remembering that information security risks are not just cybernetic. Remember the old expression “the walls have ears”? Well, a coworking space doesn't even have walls most of the time. A casual chat with a co-worker about your company's plans and strategies can be a golden opportunity for someone who is eavesdropping. Be careful when discussing professional matters in elevators, halls, pantries, and other shared spaces.