All of your telecommuting coworkers and employees (and yes, you too) are changing the face of cybersecurity. You have probably already heard several warnings before (if you haven’t, SWK has plenty of resources to read), but now real-world data is beginning to back the predictions up. Multiple studies reveal that many employees are in fact not following security best practices working from home, and some may have already faced consequences.
Here are a few of the ways the remote work expansion is changing the cybersecurity landscape:
The Same and New Cyber Scams, Telecommuting Edition
It is no surprise that hackers are relying the same tools and techniques they usually do – phishing for credential theft and malware delivery. The end result is also always to separate a victim from their money, either from exploiting privileged access directly or tricking those that have it, or from ransoming access to locked data back. Only two factors have changed – the volume and the messaging.
Spoofed emails and domains have increased exponentially (as high as 600% in some areas), and at least one UN official claims a cyber attack happens “every 39 seconds” currently. Information has become even more valuable in these uncertain times, and with many people seeking it solely relying on digital communication, hackers have many more potential victims than usual. With less layers of authentication while in isolation, bad actors know it is easier to leverage trusted institutions and brands to exploit those who are desperate for updates.
46 Percent of Businesses Experienced a Cybersecurity Scare
A study conducted by Barracuda Networks had almost half of respondents (46%) claim they had been affected by at least one cybersecurity incident during the COVID-19 stay at home orders. 51% said they had recorded an increase in phishing email attacks during this time as well. One of the most revealing findings was that half of respondents (notice a pattern?) also said that employees were allowed to use their own personal devices and email addresses while working from home.
Cyber Risk Management for the Remote Worker
All cybersecurity stances should be built around a quantification of your business’s cyber risk – that includes the risk generated by every employee, from entry level to executive. As more people work from home, that raises the possibility that someone may expose your network through bad habits and unsecured access. To calculate your risk, there are a few questions you need to ask yourself, like:
- How many people do we have logging in from home?
- Is everyone connecting to cloud databases or remote accessing company computers?
- How many layers of credential security do users have to go through for sensitive data?
- How fast would we be able to catch an intruder in our network?
There is No Silver Bullet for Telecommuting Cybersecurity
Even if you are able to fully quantify your company’s cyber risk from endpoint to endpoint, there is no sure-fire way to cybersecure every one of your remote workers all the time. There is no zero-trust cybersecurity policy that completely shuts out human error (especially considering executives are commonly the biggest targets – and perpetrators – of security gaps), but with the right resources you can cover the most bases as best you can. Only a proactive and reactive mix of security education, network monitoring and data protection (including backups) will shrink the attack surface remote workers can bring.
Let SWK Help You Cybersecure Your IT
Don’t let the new normal of working from home expose you to unnecessary cyber risk. Discover how SWK Technologies can help you to adapt your cybersecurity policies for remote workers with our real-time support services.
Download our CEO’s Guide to Co-managed IT to learn how SWK can help you cybersecure your network for telecommuting.