Working from home can be great for work-life balance, flexibility and the lack of a commute, but it also brings up a whole host of cybersecurity problems. With employees relying on personal networks and sometimes their personal devices, new online tools and services, and added distractions, it has become a nightmare for an IT team to regulate security measures.
According to the Velocity Smart Technology Market Research Report 2021, 70% of remote workers said they had experienced IT problems during the pandemic.
With home working looking like it is here to stay, even post-pandemic, it’s important to take some time to review your security processes and check that everything is working and safe.
We’ve put together some of the top cyber security risks to look out for when working from home.
1. Unsecure home network connection
One of the key reasons for an increase in cyber security risks whilst working from home is unsecured personal networks. Employees may remember to perform updates on their devices and antivirus software, but updates to home router software are often overlooked. When personal routers aren’t updated regularly, they will be susceptible to security gaps which could lead to data breaches.
Plus, company networks will have firewalls that will monitor traffic and block any malicious activity. Many home routers will not have a firewall in place, which can lead to potential network security gaps.
2. More use of online tools
With an increased reliance on technology and online tools, businesses are far more susceptible to cyber threats. More and more tasks are being completed online, from Cloud storage to emails, attachments, instant messengers, third party services and tools such as Teams, Zoom, Hangouts and Asana. This obviously opens up more avenues for cybercriminals to infiltrate company accounts.
3. Employees can’t spot scams
Unfortunately, one of the most common security risks of working from home actually comes from employees. Due to either carelessness, tiredness or lack of knowledge, employees can unintentionally give cybercriminals access to their devices or company files. In fact, a Society of Human Resources Management study found that 35% of employees reported feeling tired or having little energy while working from home.
Usually, workers will be much more preoccupied with their day-to-day tasks to consider cyber security threats, especially if they haven’t been trained to. Cybercriminals are always adapting and improving ways to scam people and steal data, so it should come as no surprise that workers will sometimes fall for these deceptions. During the pandemic, the number of scams and phishing emails has increased exponentially, making employee lack of knowledge one of the most important security risks whilst working from home.
4. Staff lose sight of security concerns
Even if your company has taken the time to educate staff on cyber security risks, there is a chance that they will lose sight of or forget these concerns when working at home. With the busy day-to-day, IT security can fall down people’s priority lists and without supervisors present to monitor their activity, employees are more likely to be lax about security protocols.
Also, the length of the pandemic and the economic impact has meant that some employees may be worried about their job prospects or financial position. Studies have found that many workers were preparing for the worst-case scenario – that is, they lose their job, or their company becomes insolvent. In fact, a report by Deloitte found that 26% of survey respondents report being tempted to make copies of important company data as a precaution. Storing internal company data against a worst-case scenario very clearly illustrates how crucial it is for companies to act to prevent the loss of corporate data, intellectual property and, more broadly, to tackle the risk of corporate fraud.
5. Weak passwords
Even if your company makes use of VPNs, firewalls and security software, your business may still be at risk from employees using weak passwords on their accounts. Rather than try to break through tight security infrastructure, cybercriminals will firstly try to crack accounts that may have weak passwords. To do this they use a number of tools, like password generators and coding bots to continuously try and guess passwords and check accounts for repeat passwords.
6. Phishing and ransomware
Another major threat that remote workers face is phishing and ransomware attacks. These scams are designed by cybercriminals to fool victims into sharing sensitive information or downloading malicious malware onto their devices. This kind of threat should already be on workers’ radar, however, during the pandemic, the number of these sorts of attacks has grown enormously.
According to databasix, phishing emails have spiked by over 600% since the end of February as cyber-criminals look to capitalise on the fear and uncertainty generated by the COVID-19 pandemic.
They work by a criminal posing as a legitimate source, usually over email, to trick the victim into sharing login details or sensitive information. The criminal will then steal this information or lock it and ask for a ransom to be paid.
7. Unencrypted file sharing
While companies may think to encrypt files saved on their network, they might not consider file encryption when data is sent from one location to another. From client account information to customer data, and financial information, your company cannot afford for cybercriminals to intercept files when they are being shared. When files are stolen in this way, it can lead to identity theft, ransomware and theft.
8. Personal devices
When everyone began working from home when the pandemic hit, some of your employees may have started using their personal devices for work. Whether it be mobile phones in place of a work telephone, printers, tablets or laptops, one of the main risks this raises is the lack of IT security infrastructure. Whether people are using mobiles to log into business accounts, taking sensitive calls from clients or may have voicemails in their inbox which contain important data, many employees will not think to ensure these are encrypted.
If you need help keeping your team secure whilst working from home, our team is on hand to help you every step of the way.
Our friendly team of experts can help you, your team members and your business stay secure. Get in touch to learn more about our bespoke cyber security services now.