The COVID-19 coronavirus crisis has forced a large segment of the white-collar workplace to abandon their traditional offices and work from home. Remote work can be productive and rewarding, but it comes with its set of cybersecurity risks. Put simply, employees working remotely increase your company’s risk of data breach or cyberattack.
Top WFH Coronavirus Security Risks
The increased risks inherent with remote work have not gone unnoticed by hackers and cybercriminals. These malicious actors are ready and willing to exploit these potential weaknesses in your company’s cybersecurity defenses. Work-from-home employees are susceptible to the following five significant security risks.
1. Use of Personal Devices for Work
In the traditional office environment, employees most likely access your corporate network with company-assigned devices. Company devices are configured to cleanly work with your corporate network and meet your IT department’s security standards.
That is not the case when employees work from home. In the home environment, employees are likely to use a mix of company-assigned devices and their personal devices, including computers and smartphones. These personal devices are typically less secure than company-assigned devices, which leaves them – and your corporate network – open to infiltration and attack.
Furthermore, company-assigned devices in the home environment will often be used for non-work activities. When employees use their work devices to send and receive personal email, access social media, or shop online, it introduces an added security risk. That risk increases even more when the family members of your employees use these work devices.
2. Physical Security
The risk of theft is always present when company devices leave the office. This is especially so when working from a public space, such as a hotel or coffee shop, but it’s also an issue when working from home.
A home filled with electronic devices – computers, routers, tablets, smartphones, TVs, and more – is an attractive target for burglars. Employees leaving their work devices on their desks or coffee tables, visible from open windows, can only encourage theft. Criminals can hack any stolen device to access company data and obtain the credentials necessary to access your corporate network.
3. Unsecured Home Wi-Fi Networks
Corporate networks are secure — wireless networks at home, not so much. Many users don’t enable the strongest security protocols for their routers, which puts all of their wireless communications at risk for unauthorized access.
The lack of adequate Wi-Fi security at home is every bit as risky as when connecting through a public Wi-Fi hotspot. A 2018 iPass survey reported that 81% of companies experienced an incident regarding Wi-Fi security within the previous twelve months. More than half suspected their remote workers had been hacked within the same period.
4. Phishing Scams
These continue to be the most common route hackers use to breach corporate networks. According to the Verizon Data Breach Investigations Report, a third of corporate data breaches involved phishing and other social media techniques.
These phishing scams affect employees no matter where they are – at home, on the road, or in the office. The incidence of phishing emails and text messages is potentially higher for employees working from home. This is because they can be the recipient of these deceptive messages through their work and personal accounts.
5. Lack of Security Training
The underlying cause of many WFH security issues is the lack of security training for remote workers. This results in situations that hackers can readily exploit. According to an analysis by Willis Towers Watson, more than half of data breaches are due to employee negligence or malfeasance.
This lack of security training is especially acute in the current coronavirus crisis, when large numbers of office workers were sent home on short notice, with no time for training of any type. These new home workers had trouble enough setting up their devices for remote work – most have no idea how to practice safe computing from home.
Top Ways to Reduce Coronavirus Cybersecurity Risks
Knowing the dangers of remote work, how can a company reduce the coronavirus cybersecurity risk? Here are some of the things you can do to ensure safer remote work.
Set Up Multi-Factor Authentication
The first thing any company can do to reduce the risk is to make it more difficult for malicious actors to hack into remote workers’ accounts. The easiest and most effective way to do this is to set up multi-factor authentication for all employee logins. It may be less convenient for your employees, but it will help keep unauthorized users out of your systems.
Conduct WFH Security Awareness Training
To make remote workers more aware of cybersecurity issues, IT staff should conduct remote training for WFH security. Tools such as AWS Wickr are ideal for conducting multi-user online training. Make your employees aware of the added security risks that come from working at home and instruct them on how to improve their security profiles.
Offer a Secure Communications Platform
Finally, make sure all your employees are using a secure communications platform for all of their work communications and collaboration. AWS Wickr offers secure video and audio chat, group collaboration, and file sharing – ideal for employees working from home.
Choose AWS Wickr for Secure Remote Communications
AWS Wickr is the most secure enterprise communications platform available today. It uses end-to-end encryption to ensure that no messages or files can be intercepted or stolen. Use AWS Wickr to reduce the risks from having some or all your workforce working remotely.