The Coronavirus has upended virtually every element of our daily lives, including where and how we work. As many companies rush to transform their operations to be fully remote, IT challenges arise, especially in regard to cybersecurity. We’ve put together these resources about remote security in a crisis to help in those efforts.
As Time Magazine described it, the COVID-19 pandemic has necessitated the “world’s largest work-from-home experiment.” Even before COVID-19 made working from home a necessity, remote work was already becoming a norm at many companies. In total, it’s estimated that 70% of people globally work remotely at least once a week.
However, the ability to access company IT from locations outside of the office also poses a significant cybersecurity risk, as bad actors look to capitalize on this rapid transition to facilitate data breaches. This is especially true for hastily assembled work-from-home arrangements that don’t make cybersecurity their top priority.
Here’s what you need to know about the cybersecurity risks that come from remote work and the steps that you can take to protect company and customer data.
Understanding the Risk
Remote access tools are a mission-critical feature that allows physically distant employees to remain technologically close. While this arrangement always poses a certain level of cybersecurity risk, the rapid transition toward remote work means that many companies and employees are unprepared, leaving them exposed to bad actors.
Employees unfamiliar with VPN services are downloading malware. As a recent report on cybersecurity and the COVID-19 pandemic found, “Unsuspecting victims around the world are falling victim because they are being tricked into downloading and installing malware masquerading as legitimate VPN clients.”
Unfortunately, even trusted VPN services are being put to the test during this challenging season. Cybersecurity researchers recently identified seven vulnerabilities that plague reputable VPNs and could pose substantial cybersecurity threats. At the same time, unsecured internet connections and personal devices put data at risk.
Many workers did not have time to prepare for a rapid transition to home-based work. As a result, their home WIFI networks may not be configured with the same security protocols that govern the employer’s in-house systems. Many employees will also engage in remote access from personal devices that could be infected with malware or other cybersecurity vulnerabilities.
Hackers are especially adept at exploiting the IoT devices prevalent in many employees’ homes. In the UK, the National Cyber Security Center has published recommendations for owners of smart cameras, baby monitors, and other IoT devices that could pose cybersecurity threats for at-home workers.
Perhaps most prominently, phishing scams and fraud attempts will continue to target employees while they work at home. Last week, we published a blog on the phishing attack threat facing remote workers. Those problems persist, as bad actors look to capitalize on employees’ fear and uncertainty to capture critical data. Unfortunately, the isolation that accompanies social distancing increases the risk of employees falling for a phishing scam that compromises company or customer data.
Implementing the Proper Solution
It’s clear that this pandemic isn’t going to abate anytime soon, and our COVID-19 moment is likely to inspire weeks, months, or even years of prodigious growth in remote work. Therefore, every company should reassess its cybersecurity readiness, ensuring that their defensive posture is prepared to meet this unique moment.
Here are the steps to take to get started
At ID Agent, we are ready to support your remote work transformation. If we can help in any way, please don’t hesitate to contact us to learn more about how our industry-leading cybersecurity tools can keep your information safe as employees work from home now and in the future.