Published: October 29, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
A recent study conducted by Trend Micro highlighted that 39% of workers use personal devices to access data on the corporate network. As flexible work schedules and working locations become more widespread and going remote increases the corporate attack ranges, users are increasingly exposed to targeted attacks that will affect the organizations.
Research shows that personal devices such as smartphones, tablets, and laptops, as well as home internet infrastructures, are not configured to the same level of security when compared with corporate environments. The recent pandemic has increased the need for remote working and put a spotlight on the need to improve online security outside of the office.
Trend Micro researchers interviewed 13,200 employees in 27 countries with respect to their attitudes on corporate cybersecurity and IT policies. Over three-quarters of those who responded were working from home during the pandemic. The report helps highlight where the cyber security risks reside.
Some good stats:
72% of respondents said they have become more cyber security aware since working from home
85% agreed they have the responsibility to keep their organization secure
81% know there is a limit to what browsing should be done on a company laptop or other device
Unfortunately, that’s the end of the good news. The report found that about a third of remote workers worked on a sensitive document in view of members of the public without using a privacy shield of any kind. Shockingly, for those working in the human resources areas, that number was 47%. Over 20% of those asked said they saw no issue with downloading applications from sites that are not official app stores (also known as sideloading). Eight percent (8%) admitted to accessing pornography sites on work devices and 28% said they allow unsupervised third parties to use their work devices, such as children or spouses.
No need to despair. There are recommendations to help mitigate risks:
Make sure all employees and contractors are password protecting the devices they use at home with strong passwords. When possible, require the use of multi-factor authentication (MFA) to access any work device.
Require the installation and updating of anti-virus/anti-malware software on all devices that are used for work purposes.
Perform on going cyber security awareness training for all uses of corporate devices and networks. This should include how to spot phishing attacks and what the current trends in cyber threats are and how they are evolving.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at email@example.com