Four cybersecurity mistakes your remote workforce is making

Barry O’Donnell, Chief Operating Officer at TSG, covers the four commonly made mistakes made by a remote workforce and the measures you need to put in place to ensure that they won’t compromise the security of your business.

For many businesses, remote working has become a normal practice. Working away from the office had been on the rise for the past few years, but many organisations were pushed to begin embracing it from March 2020.

Since then, businesses have solved teething issues like remote collaboration and a lack of equipment. But what about the security implications?

Remote working brings with it a new set of cybersecurity challenges. We already know that your employees are your weakest link to your IT security; 95% of security breaches begin with a human error. Cybersecurity education is vital to ensure that your remote working policies are followed closely.

This education begins with ensuring your workforce does not make some of these commonly made mistakes. 

1.      Switching between personal and work devices

Remote working can blur the lines between business and personal life. That means employees could slip into bad cybersecurity habits – for example, using work devices for personal tasks and vice versa.

A survey by IBM found that over half of remote workers use a personal device to carry out their work. Business data is more likely to be compromised on a personal device, especially if people external to the business are using it. Employees won’t have business-grade security solutions installed on their personal devices and, with no IT supervision, they may have unknowingly installed malware or bloatware.

Equipping your employees with up-to-date technology will mitigate this risk. But if that’s not possible, there are other options. Implementing cloud-based solutions for communication and file storage can ensure they’re protected. Data-loss prevention tools will also add a layer of security to their personal devices.

2.      Clicking on dangerous links

This isn’t a risk only associated with home working, but it’s amplified in this setting. Phishing emails in the UK increased by an eye-watering 667% in the early stages of the pandemic. The analysis recorded 1,188 phishing emails in February, rising steeply to 9,116 in March.

Cybercriminals are also taking advantage of the pandemic itself. The study found that 2% of phishing emails were COVID-themed, capitalising on widespread fears about the virus. Some scam emails impersonate the World Health Organisation (WHO), leading it to issue guidance on spotting fake emails.

Education is vital to avoiding falling victim to an email-borne cyber-attack. By empowering your employees to spot the signs of a suspicious email, file, or link, you’re strengthening your first line of defence. You can educate your staff in many ways, from mandatory training courses to tools that simulate phishing attacks. One of the best methods is to tap into the expertise of a managed IT services provider; it’s their job to hire the best cybersecurity professionals.

3.      Employees aren’t installing vital security updates

It’s easy to fall into bad cybersecurity habits without the watchful eyes of your IT team. That’s certainly the case for 20% of remote workers who are not regularly installing updates for the tools that enable them to work from home, such as Zoom.

Many people see software updates as a nuisance. That’s why education is again vital to helping your people understand their importance. But having a backup plan is important, too. There are tools you can use to force your users to update their devices within a certain timeframe.

Education will also help your people to understand why they should install updates on their mobile phones.

4.      Employees haven’t enabled multi-factor authentication (MFA)

A strong cybersecurity defence includes strong password policies – however, this can often be overlooked or even put aside for most employees as something ‘to do later’. Sometimes their passwords might also not be strong enough to fight against cyber hackers.

With that being said, the risk of passwords being compromised can be mitigated by including the use of multi-factor authentication (MFA).

MFA is the process of employees providing multiple verification forms to prove their identity before logging into secure business systems. This means that when an employee attempts to log in, it can ping an approval request to their mobile phone. It also then considers other forms of user identification, such as biometrics.

An MFA system can even be set up to require authentication repeatedly on a cycle to safeguard business systems if a remote employee leaves their machines unattended for a period of time.

In the event there is suspicious activity, such as an employee receiving an approval request despite not logging into their account, they can send this to your IT team to investigate and stop potential hackers in their tracks.

Utilise remote working safely

Remote working has many benefits, including increased productivity, improved employee mental health, and reduced costs in office space. But it also has its challenges. Barry O’Donnell, Operations Director, at managed IT services provider: TSG, says, “We’ve advocated the benefits of remote working for a long time, but it’s not without its challenges.

“We’ve identified the most common security threats for remote employees, so businesses aren’t punished for keeping their employees safe and productive. The fixes we’ve recommended aren’t costly or time-intensive, so organisations will be able to make their remote workforce secure in no time.”

READ MORE: 

Cybersecurity should always be a high priority for businesses, but it takes precedence for organisations with a high percentage of remote workers. By putting these measures in place, you can rest assured that your remote workforce won’t compromise the security of your business.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Barry O'Donnell

Barry O'Donnell is the Chief Operating Officer at TSG, offering managed IT support in London, with expertise across a range of areas including Office 365, Dynamics 365, document management and business intelligence.

Ab Initio partners with BT Group to deliver big data

Luke Conrad • 24th October 2022

AI is becoming an increasingly important element of the digital transformation of many businesses. As well as introducing new opportunities, it also poses a number of challenges for IT teams and the data teams supporting them. Ab Initio has announced a partnership with BT Group to implement its big data management solutions on BT’s internal...

WAICF – Dive into AI visiting one of the most...

Delia Salinas • 10th March 2022

Every year Cannes held an international technological event called World Artificial Intelligence Cannes Festival, better known by its acronym WAICF. One of the most luxurious cities around the world, located on the French Riviera and host of the annual Cannes Film Festival, Midem, and Cannes Lions International Festival of Creativity. 

Bouncing back from a natural disaster with resilience

Amber Donovan-Stevens • 16th December 2021

In the last decade, we’ve seen some of the most extreme weather events since records began, all driven by our human impact on the plant. Businesses are rapidly trying to implement new green policies to do their part, but climate change has also forced businesses to adapt and redefine their disaster recovery approach. Curtis Preston,...