Cybersecurity and Working From Home

As businesses prepare for post-pandemic work life, one of the many issues they'll have to tackle is that of cybersecurity and working from home. With more companies embracing a fully remote or hybrid workforce, maintaining strong cybersecurity among remote employees will be a key consideration going forward.

Cybersecurity risks in working from home

Although there are advantages to transitioning to a fully remote work environment, it can also open your business up to greater cybersecurity risks. By one estimate, phishing email attacks increased by more than 600% during the early days of the COVID-19 crisis, while ransomware attacks have increased by nearly 500%.

There are several reasons why remote workers are so vulnerable:

• A patchwork of internet connections and cybersecurity software: Traditional office systems have a myriad of security protections, including firewalls and blacklisted IP addresses, already in place. But in a work-from-home environment, workers log into critical business systems remotely—sometimes through their own home devices and connections, which are much less secure and easier to hack. Vulnerable elements include personal emails, file attachments, cloud documents, instant messages with clients and third-party vendors.
• Use of personal portable devices: Remote workers who are using their personal smartphones, laptops and tablets can pose additional risks, blurring the lines between personal and professional life. In addition, remote workers are often using mobile app versions of collaboration software, such as Microsoft Teams and Zoom, for work on their personal devices.
• Lack of central control: Without a dedicated IT department right down the office hallway, remote workers are left to address technical security issues on their personal devices on their own. Approximately 70% of remote workers said they had experienced IT problems during the pandemic, and 54% had to wait up to three hours for the issue to be resolved. In this environment, workers may choose less secure workarounds when they encounter technical issues.

How to protect your company and remote workers

For businesses relying on remote workers, efforts regarding cybersecurity and working from home require full attention. Many of the same strategies you employ to secure your business from cyber threats should be continued and even stepped up in a work-from-home environment. Make sure to do the following:

• Encourage employees to update their software regularly. That includes updating their personal and work laptops, personal and work phones, and any other mobile devices. Work with your IT department to make sure any third-party vendor updates and patches are communicated frequently and securely.
• Use multi-factor authentication (MFA) or single sign-on (SSO) capabilities whenever possible. SSO logins allow employees to use one set of credentials across multiple applications. MFA requires users to enter two or more identification factors to access an application or network.
• Provide all employees with ongoing security training on cybersecurity threats. This training should include how to spot and report a phishing email, ransomware attacks, or social engineering schemes. Make sure employees are comfortable reporting threats immediately and know who to contact.

Cybersecurity and working from home

The pandemic forced companies to adapt to new ways of working, with the majority moving to a remote model. Today, 78% of global CEOs agree that remote collaboration is here to stay. With the right work-from-home cybersecurity strategies in place, any business owner can protect their company and support their workers in the new normal remote working environment.