Remote working's cyber security risks

clock • 2 min read

Remote working has expanded the digital perimeter of many organisations, and that opens them up to risks

Organisations today are fending off cyber risks of all types, from malware to social engineering and malicious insiders. The onset of COVID-19, which has pushed many employees out of the office to work remotely, has also resulted in a boom in hostile digital equivalents.

In a survey of IT leaders, more than 60 percent told us that remote working had increased ‘greatly' at their organisation as a direct result of COVID-19, with more than 50 percent of staff working remotely at nearly three-quarters of organisations.

The massive rise in work outside of the traditional bounds of the office has expanded the digital perimeter of many organisations from a single location to hundreds, if not thousands. Even businesses that were previously set up to support remote working may struggle to handle it on such a scale - and that's an environment in which cyber criminals will flourish.

But it's not just malicious outsiders that pose a threat to organisations; employees who are unused to working from home can easily make simple mistakes that compromise their own security, and that of the entire organisation. From something as simple as sharing a PC with other family members, to clicking on a phishing link now that IT is no longer breathing down their necks, the paths to compromise are many and varied.

Eleven per cent of research respondents answered ‘10' when asked to rank the extent to which remote working increases cyber security risks to their organisation, on a 10-point scale. That number may seem low, but more than 60 percent answered with a 7 or above, indicating significant concerns around remote working.

The risks

So what forms do the risks of remote working take? Top of the list is employee behaviour; as seen above, employees without home-working experience are more likely to be compromised, and IT teams must be aware of this.

Poorly protected home networks, phishing and spearphishing also ranked highly (#2, #3 and #4 on the list of concerns, respectively), with weak passwords rounding out the top five.

There are ways to address concerns around home working security. More than two-thirds of respondents already use strict password policies, VPNs and multi-factor authentication, and more than half are using endpoint security and cyber risk training. Around a quarter plan to adopt these - plus strengthening existing access policies, adding cloud-based cyber defences and even looking at security automation - in the next 12 months.

Notably, these are not all technology solutions; rather, these techniques highlight the importance of humans in the digital landscape. Both employees and managers need to understand the risks, their organisation's policies and procedures for managing them, and how to remediate issues if/when they occur.

Please click here to find out more about digital distancing and securing your remote workforce

 

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

Microsoft 365 emails vulnerable to newly discovered exploits

Microsoft 365 emails vulnerable to newly discovered exploits

Security woes continue

Penny Horwood
clock 20 June 2024 • 2 min read
Cyber gang shifts focus to SaaS apps

Cyber gang shifts focus to SaaS apps

‘Scattered Spider’ is targeting vSphere, Salesforce, Crowdstrike and more

Vikki Davies
clock 18 June 2024 • 2 min read
Microsoft June Patch Tuesday has fixes for Windows, Outlook and SharePoint

Microsoft June Patch Tuesday has fixes for Windows, Outlook and SharePoint

A relatively quiet month

John Leonard
clock 12 June 2024 • 2 min read