Remote working has become the new norm in the face of coronavirus. But working from home poses potential cybersecurity threats to your business. Less secure internet connections, personal devices, and family members with access to sensitive business information all potentially make your business less secure. What exactly should you look out for when it comes to home working, and how can you mitigate risks?
Security responsibility is more diffuse
When most or all of your employees are working from home, the responsibility for data security shifts from the company to individuals. When everyone works from the same office, it’s much easier to regulate network access and ensure firewalls and anti-malware are installed. Employees all working from their homes, however, means that they need to take extra care when it comes to data security.
As a business owner, you should invest in educating your workers on cyber safety whilst working from home. When everyone had to shift to remote working rapidly as a result of the coronavirus pandemic, there may not have been time for proper employee instruction on teleworking data security. Now that it seems likely remote working is here to stay, it’s worthwhile to formally train your workers in this area.
Greater vulnerability to scams
Remote workers have always been bigger targets for cybercriminals. Connected to home Wi-Fi, possibly using weaker passwords and less robust anti-malware, some teleworkers make it easy for hackers to go after them. The pandemic has only exacerbated this situation.
While you can inform your remote employees to look out for typical phishing scams, they also need to be aware of COVID-19 scams. These types of cyberattacks are prevalent and come through email as well as via social networks. People are also more susceptible to scams during this time because their normal routine is disrupted. Even usual conditions for remote working are different – coworking spaces and coffee shops aren’t really an option during the pandemic. To address this vulnerability, you should counsel your remote employees to stay extra vigilant.
Too much reliance on VPNs
The VPN (a virtual private network) has become the mainstay of remote workers. VPNs provide an added layer of security for when your remote employees access your company network outside the office. While that extra security is beneficial, some remote workers have come to rely too much on VPNs. When too many people are using the corporate VPN at once, it can slow down access.
Remind your employees to use the VPN only when doing business-related activities. They don’t need it when browsing the web for personal reasons, or when they’re making a personal video call. It’s possible your company VPN has a limited license, and your workers might experience throttling due to less bandwidth at the VPN server or home ISP. As such, the VPN shouldn’t be a catch-all for all external security threats.
Unaligned security priorities
When many companies had to quickly shift their operations to a teleworking model, it meant a rapid adaptation of security strategy. One example is permissions. Privileges previously reserved for the IT department only had to be extended to other teams, often without the accompanying security measures.
Patching is another security area that’s suffered. You might feel postponing updates is acceptable during a hectic time, but leaving systems unpatched will make your company even more vulnerable. While the switch to remote working might’ve scrambled security priorities at first, it’s time to invest resources in these areas and ensure your security strategy can handle a large remote workforce going forward.
Employees’ personal devices and home Wi-Fi
Ideally, you have company laptops, tablets, or smartphones you can issue to employees for at-home use. But many small and medium-sized enterprises lack these resources, so their workers are using personal laptops or mobile devices. These personal devices usually lack built-in security software, so you can rely on mobile device management platforms or local IT support services to help with cybersecurity.
Another risk of home-working is home Wi-Fi networks. Working at home is more secure than connecting to public Wi-Fi at a coffee shop, but only if your employees take proper precautions. Changing the router password, checking for firmware updates, restricting inbound and outbound traffic, and setting encryption to WPA2 or WPA3 are some basic steps home workers can take to secure their routers.
Final Thoughts on Cyber Threats and Working from Home
In most cases, remote working is more convenient for employees. Many workers want a better work-life balance and flexible arrangements help them achieve it. Working from home doesn’t come without security risks, though. To protect your business from cyber security threats, make sure your employees are educated and take extra steps to secure company data. If your business needs assistance in this area, you can contact a local IT firm to help you manage remote cyber security.
