Remote working's cyber security risks

clock • 2 min read
Remote working's cyber security risks

Remote working has expanded the digital perimeter of many organisations, and that opens them up to risks

Organisations today are fending off cyber risks of all types, from malware to social engineering and malicious insiders. The onset of COVID-19, which has pushed many employees out of the office to work remotely, has also resulted in a boom in hostile digital equivalents.

In a survey of IT leaders, more than 60 percent told us that remote working had increased ‘greatly' at their organisation as a direct result of COVID-19, with more than 50 percent of staff working remotely at nearly three-quarters of organisations.

The massive rise in work outside of the traditional bounds of the office has expanded the digital perimeter of many organisations from a single location to hundreds, if not thousands. Even businesses that were previously set up to support remote working may struggle to handle it on such a scale - and that's an environment in which cyber criminals will flourish.

But it's not just malicious outsiders that pose a threat to organisations; employees who are unused to working from home can easily make simple mistakes that compromise their own security, and that of the entire organisation. From something as simple as sharing a PC with other family members, to clicking on a phishing link now that IT is no longer breathing down their necks, the paths to compromise are many and varied.

Eleven per cent of research respondents answered ‘10' when asked to rank the extent to which remote working increases cyber security risks to their organisation, on a 10-point scale. That number may seem low, but more than 60 percent answered with a 7 or above, indicating significant concerns around remote working.

The risks

So what forms do the risks of remote working take? Top of the list is employee behaviour; as seen above, employees without home-working experience are more likely to be compromised, and IT teams must be aware of this.

Poorly protected home networks, phishing and spearphishing also ranked highly (#2, #3 and #4 on the list of concerns, respectively), with weak passwords rounding out the top five.

There are ways to address concerns around home working security. More than two-thirds of respondents already use strict password policies, VPNs and multi-factor authentication, and more than half are using endpoint security and cyber risk training. Around a quarter plan to adopt these - plus strengthening existing access policies, adding cloud-based cyber defences and even looking at security automation - in the next 12 months.

Notably, these are not all technology solutions; rather, these techniques highlight the importance of humans in the digital landscape. Both employees and managers need to understand the risks, their organisation's policies and procedures for managing them, and how to remediate issues if/when they occur.

Please click here to find out more about digital distancing and securing your remote workforce

 

More on Security

Register now: Prevent, protect and recover from ransomware

Register now: Prevent, protect and recover from ransomware

A company is hit by ransomware every 11 seconds.

clock 28 June 2022 • 1 min read
Have a plan for recovery, and then have a backup plan for when the first falls through

Identify your "vital ground" or your cyber effort is wasted

And the road to recovery is to plan, plan and plan again

Tom Allen
clock 16 June 2022 • 3 min read
Cyber weapons are fast, cheap, remote and hard to trace

In modern war, we have as much to fear from cyber weapons as kinetics

The physical world is past the point of no return when it comes to dependence on technology, says Ian Hill

Tom Allen
clock 16 June 2022 • 3 min read