This article was written by cybersecurity expert Tim Green
There has been a considerable rise in the number of remote workers as a result of COVID-19. And while this has brought countless benefits, from flexible working and an increase in productivity, there are also some challenges that may be overlooked.
Remote working is actually a problem from a cybersecurity perspective and each member of a company, whatever its size, has a responsibility to mitigate the risk. It’s important to understand the most pertinent cybersecurity challenges for remote workers and what businesses can do to defend themselves against attacks.
More devices mean a greater surface area for attack
One of the consequences of remote working has been the shift towards staff using their own devices at home instead of office equipment. In the office, company IT teams or security specialists are able to vet and monitor devices across the network, but at home, people can use mobiles, tablets or other technological devices which aren’t monitored at all. Each of the devices used could pose a potential security risk and may be an entry point for cybercriminals looking to break into your network.
With more devices used, the size of the surface area they can attack increases. What’s more, the devices remote workers are using may not have the appropriate security controls which poses a data leak risk. 52% of companies say mobile devices are very hard to protect from cyber threats and staff may not be using strong enough passwords on their personal devices. An IT team can’t track devices they don’t know about, so it’s important that remote workers are clear about the devices they are using for work and inform IT teams of any changes.
The loss of office cybersecurity protection
As previously mentioned, devices in the office have a greater protection from cybercrime thanks to company firewalls and antivirus software. Some businesses may have even more advanced solutions such as endpoint detection and responses to protect sensitive data and classified information.
While it may not be possible to deploy these types of solutions for each remote worker, it’s a good idea to speak to cybersecurity professionals about the systems that can be put in place to keep remote workers secure from any potential threat.
Take time to re-think the makeshift solutions
One of the issues to arise out of COVID-19 has been companies forced to adapt quickly and therefore inefficiently in many cases, which has left them open to cybersecurity threats. For example, there’s been a rise in the use of video calling software like Zoom to maintain collaboration. Many of these solutions have challenges related to them and cybercriminals have found ways to exploit them.
The solution for businesses could be to rethink their makeshift solutions and work with specialists to strengthen their security systems going forward. “Once considered a technology reserved for larger companies, video conferencing can now be adopted by businesses of all different sizes for increased productivity and better engagement,” says Nadia Whyte-Venables, Operations Manager at Omni3 Communications “video solutions make the process of collaborating with remote workers and international offices easier than ever, with remote collaboration becoming an increasingly common feature of businesses in a host of different sectors”.
The issue with shadow IT
Shadow IT is the use of software or apps that employees use which have not been approved by the IT team. These types of apps or online tools could contain vulnerabilities which can be exploited by hackers and leave the business at risk. Remote working makes the use of shadow IT far more likely, as the IT team can no longer monitor devices properly and have no way of knowing what software employees are using when they’re out of the office, even if staff believe that they’re installing something useful. So many tools come with freemium models which makes them all the more appealing to the uneducated.
Before cutting off access to shadow IT platforms, help users to solve problems through context-based training and prioritize their user experience. One of the reasons people use shadow IT solutions is because the tools they’re being asked to use are too difficult or challenging, which leads to them wasting time and reducing their productivity. But if the employee experience is seamless, then the risk of shadow IT is reduced.
Cybersecurity can be a huge threat to businesses, particularly now that COVID-19 has disrupted the way so many industries operate. By working with specialists to identify the risks, finding solutions that will empower remote workers and ensuring that staff have the correct training they need to work productively, businesses can avoid the threat of cyber-attacks in the future.