When you work from anywhere, nowhere is safe

Top Business Tech discusses the security threats of the new ‘work from anywhere’ business model.
Top Business Tech discusses the security threats of the new ‘work from anywhere’ business model.

Click here to listen to our podcast ‘When you work from anywhere, nowhere is safe’ on Spotify now.

In 2019, remote working was very limited, and companies preferred all employees to work from their office spaces. However, when the pandemic hit, most organizations had to go remote completely to ensure their employees are safe while keeping their companies afloat. Now, as the world moves out of lockdowns, 47% of companies have said that they would give their employees the choice of working remotely full-time, and 82% said they would offer employees at least one day a week to work from home.

The benefits of remote work 

Remote working comes with quite a few advantages for companies and their employees.

  • Giving employees the choice of where they work can provide them with a sense of freedom, increasing morale and hopefully decreasing their stress levels. When they don’t have to worry about getting to work through rush hour, employees are not feeling rushed throughout the whole day. Another advantage is that companies will save money in various ways.
  • Companies can decrease their office space as they do not need as much space as they did pre-covid. Organizations can save on renting office space, the cost of chairs and desks, and smaller things such as coffee and snacks for breakrooms.
  • With remote work comes a positive impact on the environment. Companies will decrease their carbon footprint as fewer employees will drive to the office.
  • By implementing working remotely, companies will be more attractive to the younger talent, which is what they look for.  

The disadvantages of remote work 

Even though there are some good advantages, remote working comes with numerous dangers and disadvantages. 

If you are thinking of allowing your employees to work remotely, you should review the state of your security systems and the knowledge your employees have on cyberattacks and the various risks they may encounter.

As everything is now done through the internet, remote work has seen an increase in cyberattacks. Any tasks done via the internet opens a company up to cyberattacks; when combined with the risk posed by home routers, working from home increases cybersecurity risks further. 

Luke Irwin from IT Governance has said that “Your Cloud documents, emails and attachments, instant messaging systems for clients and third-party services are all vulnerable, and with so much information being shared digitally, your attack surface has grown much wider.”

Office systems tend to provide employees with a lot more protection using firewalls and IP addresses. However, personal devices and mobile phones for work apps have also created a greater potential of sensitive information entering the wrong hands.

The most common security risks associated with working from home

Let’s take a deeper look into some of the most common security risks employees may experience from working at home.

1. Unsecure Wi-Fi

When employees work remotely from a restaurant, at home or in another office space, they need to connect to a Wi-Fi network. These networks are often insecure and can pose a risk to the security of the individual’s data. 

Most of these Wi-Fi connections don’t have antivirus programmes and firewalls built to protect users from potentially being targeted with malware and disastrous attacks. As a result, malicious actors in the surrounding areas can easily access their connections and collect confidential information when connected to Wi-Fi. IT departments need to be proactive with this by teaching employees how to make their home Wi-Fi systems secure and encouraging them not to use open Wi-Fi networks unless they are using a VPN connection.

2. Phishing 

Phishing scams are aimed at stealing personal information, including ID details, bank account details and others. Attackers carry out phishing scams in various formats; the most common, especially in companies, is email. Employees may receive an email to their work email or private emails, and if they click on the link sent to them, the hackers will gain access to place malware on that specific device. 

Attackers also use SMS to conduct phishing scams. For example, the other day, I received an SMS saying that one of my packages had been delivered to the post office and an additional payment needed to be made. This type of SMS has become very popular with hackers due to increased online shopping during the Covid-19 pandemic. 

New research has found that over 90 days, the number of scam texts pretending to be from a delivery firm represented more than half of all SMS phishing attempts, according to new data provided to UK Finance by cybersecurity company Proofpoint. Laura Suter, head of personal finance at AJ Bell, recently stated that in 2020 scammers stole £479mn from unsuspecting people through these scams, with the actual figure likely to be a lot higher as much of it goes unreported. Most people think they will spot a potential phishing email or SMS; however, they are becoming more and more deceptive. Companies need to train their staff to ensure they can either determine if an email or SMS is a potential scam or give them an IT contact that they can send these messages through to be checked. 

As Fred Voccola, CEO of Kaseya, the IT software management company observes, “comprehensive and frequent cybersecurity training can no longer be considered a ‘nice to have’ for businesses—it’s now absolutely crucial for organizations that are facing an ever-evolving array of cybersecurity threats in the current work-from-home environment.”

3. Personal devices

Our last common security threat that we will look at today is the use of personal devices. Employees may be tempted to use their own devices when they work from home; however, their security may not be strong enough to defend against some cyberattacks. Some companies have even implemented a Bring Your Own Device policy, putting their data at risk. In addition, there is no guarantee that an employee will keep their software up to date, which could open security gaps. The possibility of cyberattacks is not the only worry companies should have with this. If an employee leaves the company, they could take your confidential information with them, and you won’t have an opportunity to retrieve this information.

Tools for prevention 

From the risks mentioned above, you can see cyberattacks are almost entirely inevitable. Whether you work from work devices or personal devices, there is always a way for hackers to get in. Now there may be nowhere to hide, but there are a few things that companies and employees can do to try limit the risk of cyberattacks.

Let’s go through some of the essential tools that all your employees should have installed on their devices to prevent cyberattacks and data loss.

1. Multi-factor authentication

Employees need to implement multi-factor authentication, which will create a multilayer security process that creates a minimal chance of cybercriminals gaining access to private and confidential information. In addition, employees need to ensure that they use a password manager that allows them to use various strong passwords without worrying about forgetting them.

2. VPN

As already mentioned, employees should use a company-provided VPN when working from home or a Wi-Fi hotspot. This will stop any malicious actors from seeing any of the data and information on the device.

Companies need to implement strong firewall software onto everyone’s laptops, even personal laptops. As a result, the company will be more protected from cyberattacks, and their data will be safer. 

3. Endpoint detection 

On top of the firewall software, companies should deploy endpoint detection and response solutions. By doing so, they will be able to prevent malware remotely, respond quickly to threats and automatically manage software deployment.

Organizations and employees may not be safe anywhere, but there is always something that it, and they, can do to improve their security. The main thing to do is train your employees and ensure that they have all the software and equipment that can keep your data their personal information safe.

Click here to discover more podcasts from TBT on Air!

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...