Remote working's cyber security risks

clock • 2 min read

Remote working has expanded the digital perimeter of many organisations, and that opens them up to risks

Organisations today are fending off cyber risks of all types, from malware to social engineering and malicious insiders. The onset of COVID-19, which has pushed many employees out of the office to work remotely, has also resulted in a boom in hostile digital equivalents.

In a survey of IT leaders, more than 60 percent told us that remote working had increased ‘greatly' at their organisation as a direct result of COVID-19, with more than 50 percent of staff working remotely at nearly three-quarters of organisations.

The massive rise in work outside of the traditional bounds of the office has expanded the digital perimeter of many organisations from a single location to hundreds, if not thousands. Even businesses that were previously set up to support remote working may struggle to handle it on such a scale - and that's an environment in which cyber criminals will flourish.

But it's not just malicious outsiders that pose a threat to organisations; employees who are unused to working from home can easily make simple mistakes that compromise their own security, and that of the entire organisation. From something as simple as sharing a PC with other family members, to clicking on a phishing link now that IT is no longer breathing down their necks, the paths to compromise are many and varied.

Eleven per cent of research respondents answered ‘10' when asked to rank the extent to which remote working increases cyber security risks to their organisation, on a 10-point scale. That number may seem low, but more than 60 percent answered with a 7 or above, indicating significant concerns around remote working.

The risks

So what forms do the risks of remote working take? Top of the list is employee behaviour; as seen above, employees without home-working experience are more likely to be compromised, and IT teams must be aware of this.

Poorly protected home networks, phishing and spearphishing also ranked highly (#2, #3 and #4 on the list of concerns, respectively), with weak passwords rounding out the top five.

There are ways to address concerns around home working security. More than two-thirds of respondents already use strict password policies, VPNs and multi-factor authentication, and more than half are using endpoint security and cyber risk training. Around a quarter plan to adopt these - plus strengthening existing access policies, adding cloud-based cyber defences and even looking at security automation - in the next 12 months.

Notably, these are not all technology solutions; rather, these techniques highlight the importance of humans in the digital landscape. Both employees and managers need to understand the risks, their organisation's policies and procedures for managing them, and how to remediate issues if/when they occur.

Please click here to find out more about digital distancing and securing your remote workforce

 

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

Law enforcement takes down LockBit site

Law enforcement takes down LockBit site

NCA among the groups under 'Operation Cronos'

Tom Allen
clock 20 February 2024 • 1 min read
Microsoft's chief security advisor joins Cybersecurity Festival 2024

Microsoft's chief security advisor joins Cybersecurity Festival 2024

Sarah Armstrong-Smith will talk AI in security

Tom Allen
clock 19 February 2024 • 1 min read
Microsoft announces critical zero-day Exchange bug

Microsoft announces critical zero-day Exchange bug

Enables remote control of Exchange Server

Vikki Davies
clock 16 February 2024 • 1 min read