New research shows almost three quarters of large businesses believe remote working policies introduced to help stop the spread of COVID-19 are making their companies more vulnerable to cyberattacks. AT&T’s study of 800 cybersecurity professionals across the UK, France and Germany shows that while 88% initially felt well prepared for the migration, more than half (55%) now believe widespread remote working is making their companies more or much more vulnerable to cyberattacks. This figure jumps to 70% for large businesses with over 5,000 employees.
More information:
With remote working, many procedures need to be updated to ensure the security of home workers\’ systems. There is the concern about keeping systems patched, technical controls such as VPNs and MFA are in place, that monitoring controls are effective across a remote workforce, and that all staff receive appropriate and timely security awareness and training so that they are aware of and can report any attacks.
Communication channels are one of the biggest challenges. While there is no shortage of tools to communicate, not being able to tap a colleague on the shoulder to ask a question can lead to its own set of problems. Criminals are well aware of this and have placed considerable effort into social engineering remote employees through phishing scams which look like they originate from the IT department, other colleagues, or from HR.
Therefore, it\’s important for organisations to revisit their security controls and ensure they are still appropriate for the current working conditions.
As the workforce adjusts to remote working, organisations need to recognise that traditional security approaches are no longer sufficient. With employees outside the controlled environment of the office, organisations will inevitably struggle to ensure that their employees are complying with best practices such as separating personal devices from work devices. In fact, OneLogin recently conducted a study of 5000 respondents globally which found that almost 40% of employees utilised their corporate laptops for streaming; and 20.5% used it for online games and gambling. Identity is the most important aspect of this new hybrid operating model – understanding who and what device is trying to log into their business environment systems and associated applications. Streamlining identity with IDAAS technology solutions will support organisations continuing to deliver quality IT services while balancing cost and risk for the organisation.