07 Jul Remote Work Leads to Increased Cyber Security Risks
How to be Prepared as an Organization
While many states are beginning to reopen in phases after the surge of Coronavirus which started in March, remote work is still being encouraged by the vast majority of leadership. However, when a team goes remote, they are highly susceptible to increased security risks.
Depending on the severity of cases in certain localities, many organizations quickly sent employees home to work without a return date in sight. As such, IT teams and infrastructure were not properly prepared to handle threats outside of the normal office environment.
“Traditional security measures that have been used daily for years can’t protect a fully remote staff without adaptation” says Chief Security Officer for Cybereason Sam Curry for Entrepreneur.com.
According to a survey of desk-based and computer workers conducted by 1Password since the COVID-19 crisis, 89% of workers have made the shift to remote work. In addition, “30% said that their IT groups strengthened some security protocols and requirements, while 29% said that certain protocols and requirements had been loosened. Some 36% said there were no adjustments to their security protocols.”
Listed below are a few work-from-home security threats to keep in mind as employees continue to work outside the office.
VIRTUAL PRIVATE NETWORKS AND AT HOME WI-FI
Hackers are ready to take advantage of systems and networks that may already be infected with malware or are lacking in security. When workers are using home networks and devices, IT teams are not able to control security measures as they would in the office environment. “It’s critical to have endpoint integrity checking and strong authentication at this stage once the VPN is in place and active” says Curry.
It’s easy for hackers to take over an employer’s network or device through human error. Especially during such a vulnerable time, phishing scams (especially those related to COVID-19) are on the rise through seemingly legit email and app downloads. Proper and consistent training for employees is even more important as security measures are decreased at home.
PHYSICAL LOCATION OF DEVICES
Working from home provides many benefits to employees such as flexibility in schedule and location. However, using public Wi-Fi and even opening your laptop in a common space poses a risk to protecting sensitive information. CI Security recommends using only company-provided devices so private data is not transferred to personal devices. This causes threats in cyber security because most personal devices are lacking in protection such as regular updates and antivirus scans.
In addition to enhanced security measures in network and infrastructure, proper training of new (and experienced) remote workers is absolutely necessary and should be conducted often.
“The job of security is not to eliminate all risks, because all threats are not equally dangerous or likely, and they won’t all be exploited at once. Discuss risk early and often, and revisit triage on a regular basis. The risks you face today will not be the ones you face next week or the week after” says Curry.
Reach out to schedule a free 30-minute consultation to understand how your organization can prepare for COVID-related threats & remote work.