Are remote workers compromising cyber security?

clock • 2 min read

Every media report, research paper and press release of the last six months agrees: remote working is here to stay. But what does that mean for cyber security?

As the world of work has become more dispersed, cyber attackers have celebrated the dawning of a new age: one without perimeter firewalls and security teams on-hand for eight hours a day.

The rise of home working has widened the digital perimeter beyond head office, presenting an environment in which criminals - especially those who can leverage social engineering attacks - can thrive.

Home network risks

In the new normal, one mistake can compromise not just a single employee's computer, but an entire corporate network. Insecure home networks and shared devices mean that anyone in a house - not just employees - could expose a business to malware.

Nearly half (47 per cent) of IT leaders agreed that cyber incidents had increased at their organisation since the start of the pandemic.

If you take recent media reports at face value, it might seem that all the threats are outside your organisation; but not according to our research. IT leaders ranked employee behaviour as the number one cause for cyber security concerns in the new normal.

Poorly protected home networks (number two), weak passwords (number five) a lack of cyber risk training (number eight) and the growth of shadow IT (number 10) also appeared on the list.

Meanwhile, phishing, spear phishing, remote meeting software, insufficient means to monitor and manage the IT estate, poor endpoint security, mobile apps, lack of multi-factor authentication, and cybercriminals setting up fake VPNs are said to be the main technology-centric threats or behaviours.

The need to adapt

If organisations fail to equip employees with the right tools, policies, and training, a compromise or breach could bring the whole edifice crashing down.

The lesson is that firms should value security just as much as personal productivity amongst remote workers. Managers and employees need to apply the same sense of personal and collective responsibility to minimising digital risks to the organisation that they have used for limiting the spread of coronavirus.

Most read

Intel splits in two, signs deal with Microsoft

22 February 2024 • 7 min read

Cambridge University hit by DDoS attack

20 February 2024 • 1 min read

Gemma: Google unveils open AI models

22 February 2024 • 3 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

Law enforcement takes down LockBit - updated

Law enforcement takes down LockBit - updated

NCA among the groups under 'Operation Cronos'

Tom Allen
clock 20 February 2024 • 2 min read
Microsoft's chief security advisor joins Cybersecurity Festival 2024

Microsoft's chief security advisor joins Cybersecurity Festival 2024

Sarah Armstrong-Smith will talk AI in security

Tom Allen
clock 19 February 2024 • 1 min read
Microsoft announces critical zero-day Exchange bug

Microsoft announces critical zero-day Exchange bug

Enables remote control of Exchange Server

Vikki Davies
clock 16 February 2024 • 1 min read