This spring when Covid-19 took the world by storm, many companies had to switch to a work-from-home strategy to keep their teammates and clients safe. The rush to create remote work policies created new security risks for many organizations. A survey by IBM found that newly remote workers present a significant cybersecurity risk even if they are not to blame.
The IBM survey found by surveying 2,000 US based employees who found themselves working from home for the first time, that 8 out of 10 respondents felt confident with their company's ability to handle cyberthreats but nearly half didn't receive any additional cybersecurity training since going remote.
By not properly educating users on the threats that come with remote work, employers are setting them up for a situation where that could backfire quickly no matter their company size. The biggest risk when it comes to cybersecurity threats is most often the user base who can quickly and easily give away credentials, proprietary information, and access to their data without meaning to.
While it is safest and strongly recommended that teammates use a company owned device to access files and data when working remotely, there are times when that is just not possible. Especially during a time like the Covid-19 pandemic which did not give companies adequate time to plan and adapt for the influx of remote workers needs. This has led a majority of remote workers working from their personal computers. Using personal computers puts your organization's data at risk.
If you have users who are using personal devices consider making clear policies on using a personal computer for work and regularly discussing the policies with your team. Make sure that you are regularly education your users of security threats and being sure that they cannot access any files or data and dump it onto their personal computer which could put it at risk.
Another important step when your team is using personal computers or just working remotely in general is to ensure that they have proper access to a virtual private network (VPN). This allows you to encrypt your internet traffic and provides you with access to data you would only be able to access on your company's network.
While the approach some companies took when forced to have a remote workforce may not be the safest, it is important to take a step back and patch up any holes in their security. Companies can begin doing this by taking a look at their remote work policies, getting company owned devices for users when possible, regularly providing security training for end users and providing secure remote access.
If you have any questions about getting securing your remote workforce our experts are here to help. Contact us today for a free security consultation.