More than 15 percent of North American workers are now doing their jobs from home, or in a hybrid work capacity. That figure is expected to rise to 25 percent by the end of 2023.
While it might mean more freedom and happiness for employees, it can also increase the threats that exist to your business. Today, we examine four cybersecurity challenges that businesses need to watch out for as employees transition to remote or hybrid work models.
Problem 1: Use of Personal Devices
Joe is an employee, who feels more comfortable working on his personal computer. He’s snowed in and has to work from home. He has an RSA token that allows him to log into his company’s virtual software through any web-based browser. Super convenient, right?
PC Malware Risks
Unfortunately, Joe also has a piece of malware on his personal computer that he’s completely unaware of. This particular malware logs and records keystrokes. The hacker that created the malware deduces that he works for a public service agency, and captures URL data, his user name, and password. As a result, all the private information on the company’s network is vulnerable.
Corporate Malware Prevention
Companies concerned about cybersecurity would be wise to forbid employees who work with sensitive data from using personal computers and other non-company devices to access business networks. When you don’t control the hardware, you don’t control the anti-virus protections that are being used on those devices. As a result, anything your employee does puts your company at risk.
Problem 2: Reusing Passwords
Cindy has three online financial accounts, five social networks, Netflix, Amazon Prime, Hulu, Disney+, and often signs up for free trials of interesting products. She also has a work login and ID for when she is working remotely.
Many of these accounts require different formats for user IDs. It’s a lot to keep up with, so she decides that she’s just going to use one or two passwords across all those accounts. Surely, it’s no big deal since the two active passwords she’s using follow “Strong” password recommendations, right?
Password Data Breaches
Too many people like Cindy think they’re safe in the above scenario. They don’t realize that cracking just one password can put their finances, privacy, and work information at risk. Scammers know that people are lazy with passwords, and that’s why they go after them so much.
Create Strong Passwords and Two-Factor Authentication
Businesses with employees who work from home may not be able to control the reuse of passwords, but they can take steps to mitigate the risk. That’s done through 2FA, or two-factor authentication, making employees change their passwords every 30-90 days with no option to reuse, and even by controlling the mandatory characters that a password must have during those time periods.
Problem 3: Lack of Training for Common Cyberthreats
Tom logs into his work email and sees a name that resembles one belonging to a company vendor. He hasn’t had his morning coffee and fails to notice the subtle differences in the sender’s name.
Immediately, he notices that the business account he uses has been compromised. There’s a link he can click on to change his password and address the issue. He does so at once.
Email Phishing Scams
Workers like Tom belong to many generations. Not all are as technologically savvy as others. While a younger employee could notice immediately that this is a common phishing tactic — one that affects 57 percent of businesses, according to one report — an employee nearing retirement can be easily misled by the sophisticated phishing tactics that many scammers use.
Recognize Email Phishing Tactics
Preach to your employees to never click links within emails unless they’re absolutely certain it’s from a reliable sender with whom they are familiar. Doing just that could have prevented Tom’s email phishing situation, but don’t stop there.
Train your employees on all manner of cyberattacks. Make cybersafety training frequent and mandatory, so all employees are up-to-date on the latest safe browsing tactics.
Problem 4: Taxing Your Resources
You have an aging workforce. They’re not as familiar with the current trends in cyberattacks and security. A surge in COVID cases has sent the majority of your workforce back to their home offices for the next few weeks. You haven’t trained your staff in quite some time, if ever, about home cybersecurity tactics.
Common Hybrid Work Security Problems
On the first day of remote work, a staff member using their personal computer to log in accidentally compromises their work account. Now colleagues are getting cleverly disguised phishing emails that put your entire network, computers, and other employees at risk. This creates a tsunami of help-desk tickets on your in-house IT staff and brings productivity to a halt.
Employee Cybersecurity Training
Train your employees extensively. This is incredibly important if your staff will be logging in from home or over a mobile device. Beyond that, send out regular cybersafety bulletins about prominent threats and red flags to watch out for.
Make sure they’re signing off on those bulletins once they’ve read them. Forbid personal computer use at remote work locations, if possible. And last but not least, make sure you have adequate coverage on the IT front, whether that means in-house staff or outsourcing to an IT and cybersecurity specialist like Computer CPR in Southlake, Texas.
Cybersecurity Challenges For Remote and Hybrid Work Are Not Going Away
The remote and hybrid work revolution has created more opportunities for business owners and employees. Unfortunately, it’s also created new avenues of mischief for cyber attackers. Handling it all in-house can be burdensome and steer you away from the tenets of your business.
It helps to have a specialist looking out for you at all times. One that can steer you through each remote work transition, whether it’s temporary or permanent. Computer CPR has been helping Texas-based businesses in Southlake and beyond since 2007 avoid all manner of threats and recover from unexpected attacks. Contact us today to learn how we can help with your remote or hybrid work setup.