One of the numerous challenges that organisations will have to face as they prepare for life after a pandemic is the cyber security hazards of remote working. Employees who work remotely rely on their home networks – and sometimes their own devices – to complete tasks, which poses several risks.
Providing a company infrastructure that can effectively support remote workers faces numerous challenges, particularly for small and medium-sized businesses. Of course, cybersecurity is at the top of that list of issues. There are many issues to consider with VPN connectivity, using home devices and networks, business continuity, technology maintenance and support when many workers are forced to work from home due to illness or natural disasters.
Cyber security threats are increased when people work online
Without the security precautions that corporate office systems provide – such as firewalls, filtering, whitelisting, anti-virus, malware and physical controls etc – secure remote computing can be quite difficult to achieve.
Cloud documents, emails and attachments, instant messaging clients, and third-party services are all vulnerable, and with so much data being shared digitally, your attack surface has risen significantly.
Multi-factor authentication is a key control to help prevent unauthorised access, however with staff using their own devices, and mobile app versions of instant messaging clients like Teams and Zoom it needs to be implemented carefully to cover all use cases. Due to the blurring of barriers between personal and professional life, sensitive information is more likely to fall into an insecure environment.
The risk of attackers sending phishing emails is another concern that remote workers face. These are phishing schemes that try to trick you into giving up your personal information or downloading a malicious attachment that contains a keylogger or other executable code.
Various mitigation strategies can be used, although the separation of personal and professional data/information and systems is key. Wherever possible Use company/corporate devices for work done on a business laptop that is protected by remote access security restrictions. At the very least, this should feature two-factor authentication, which reduces the likelihood of a breach resulting from unauthorised access from captured credentials.
Employees who are tired make mistakes
Fatigued or unmotivated staff are more likely to make careless mistakes, whether in the quality of their job or in making a poor judgement that jeopardises the security of important data.
The nature of remote working contributes to two of the contributing variables. Employees are more prone to be distracted and not concentrated or focused on the task at hand. This is especially true if they have family or friends at home, but it could also be as basic as remembering to do the dishes or laundry.
The second problem is that despite being distracted, remote workers may end up working more hours. This is most likely the outcome of home workers either overcompensating for the flexibility they have or succumbing to the temptation to work a few extra hours in their spare time due to the workplace’s accessibility.
Wherever your employees are, make sure they are safe and secure
A strategy for handling employees’ security threats whether they are working in the office, at home, in shared workspaces, or elsewhere is essential. To manage the threats, a risk assessment can be a very useful tool to identify key assets, processes and systems and to take stock of the controls required to keep them secure.
Contact us today to discuss how CANDA can help or assist you with your Cyber Security concerns.