The COVID-19 pandemic reached the US like a tidal wave about mid-February in 2020. The virus shut down schools, closed businesses, and disrupted our way of life—including how we work. It’s estimated that about 42% of the American workforce is now working from home full-time, which has led to an increase in cyberattacks the likes of which we haven’t seen in all of internet history. An incredible jump of 400% in brute force attacks in March and April of 2020 showed us that cybercriminals were watching and waiting for their opportunity.
The problem with working from home is that it causes an increase in unsecured remote desktops, and if your company isn’t using the latest security software, you could be setting yourself up for an attack that could potentially bankrupt the company. The average cost of a data breach for a small business is around $200,000, and it’s safe to say that not too many small businesses have that lying around in a piggy bank somewhere.
So, does remote work make cyberattacks more likely? Are remote workers more vulnerable? The short answer is yes, but let’s look deeper into why that is and what can be done about it.
While many companies have allowed employees to take company laptops or other web-connected devices home to work with, some have required employees to use their personal devices. This is a dangerous practice for the simple fact that you just can’t guarantee the security of a personal computer on the company’s end. Even if you’re using a remote desktop, it’s still being accessed from a personal device, and your company has no way of knowing just how secure that device is.
When it comes to securing the entire business network, a tool like the SentinelOne endpoint protection platform is your best chance to secure everything from end-to-end. Without an advanced AI system monitoring for attacks, your company could be vulnerable to all of the devices connected to it.
Public Or Home WiFi
The other issue that often arises with remote work is the use of unsecured home WiFi networks, or, even worse, public WiFi networks at coffee shops, bookstores, campuses, etc. The worst thing a remote employee can do is access the company’s remote system from an unsecured network. Anyone could be watching or potentially phishing, and a single compromised computer can sink the entire cybersecurity network. If you don’t have the latest advanced cybersecurity tools, you may not even know you’re being hacked until it’s too late.
It’s important to set strict work-from-home policies for your employees, and among those should be the policy of never using public WiFi or an unsecured home network. Home networks should always have a strong password on them.
Overwhelmed IT Departments
Another problem we’ve seen during the work-from-home era is the overwhelming nature of technical problems in a remote environment. Many of the workers who were forced to work from home had never done so, and, even the companies sending them home had never attempted such a thing. It’s been very much a “trial by fire”, and has left IT departments overwhelmed with help desk tickets. An overwhelmed IT department means they have less time and resources to spend looking for, preventing, and stopping cyberattacks.
Some companies have had to hire outside firms just to keep up with demand, but there’s a way around this. Using the latest AI systems like SentinelOne, you can keep your IT department focused on helping your employees assimilate to a work-from-home environment, while Sentinel monitors for potential threats.
Company Software On Private Devices
There’s always a risk when a company allows proprietary software to be installed on personal devices, or even simple logins to remote systems from personal devices to occur. Personal devices often don’t follow strict security protocols, and more than half of all adults reuse passwords. That’s a disturbing statistic in itself, but knowing your company software is on a device with a password like “password123” is even more concerning.
If you can, invest in company devices that employees can take home. That way, you can be in control of the security measures of each device, and can monitor them directly. While this might seem like a steep investment cost, remember that the average data breach costs close to a quarter of a million dollars. It’s safe to say which is likely the more affordable approach.
Poor Home Practices
One of the biggest reasons cyberattacks have risen in the COVID era is because the average person isn’t savvy with cybersecurity requirements. Sure, you might have strict policies in the office, but in the comfort of their own home, some people become lax and don’t pay as close attention to things like passwords and WiFi. Be sure you’re reinforcing company policies as much as possible outside the physical workspace. You should have a remote cybersecurity plan in place that every employee is required to follow.
The Bottom Line
Protecting company data remotely is a challenge, but with the right technology and awareness in your employees, it can be done. Be sure to reinforce cybersecurity standards in all employees, and provide company devices whenever possible to avoid the dangers of unsecured personal devices.