Most Common Remote Work Security Risks
Remote work has become a highly popular and common practice around the world, especially now as companies allow a significant part of their employees to remain remote. However, while this practice increases flexibility, improves productivity, and enhances work-life balance, there’s a downside to it – remote work security risks.
In this new remote-working landscape created by the COVID-19 pandemic, cybersecurity became an even greater concern for businesses everywhere.
The necessity of more rigorous and powerful cybersecurity to protect employees working remotely means that organizations should start looking toward more advanced approaches, such as investing in a zero-trust model and identity-centric services, to provide a stronger approach to these frequent attacks.
Remote Work Security Risks for Employees
Companies may have a fully remote workforce, people who work from home from time to time, or employees who frequently go on business trips. And without a doubt, it’s more difficult to take care of their security than it is to manage your on-site endpoints.
Here are five bad habits related to remote work an organization’s remote workers may be making that endanger the company:
1. Accessing Sensitive Data Through Unsafe Wi-Fi Networks
Your employees’ could be connecting to their home wireless network or accessing their corporate accounts using unsecured public Wi-Fi. This way, malicious actors nearby can easily spy on their connection and harvest confidential information. For instance, data sent in an unencrypted form in plain text might be intercepted and stolen by cybercriminals. For this reason, your employees should not be allowed to access any unknown Wi-Fi networks unless they are using a VPN connection.
2. Using Personal Devices for Work
46% of employees admitted to transferring files between work and personal computers when working from home, which is a worrying practice.
At the same time, a trend of allowing employees to use their personal devices at work, commonly referred to as “Bring Your Own Device” or BYOD policy, has appeared.
You need to be fully aware of the issues involved by your employees using their personal devices for work-related matters. For instance, they may suddenly leave the company and hold on to the confidential information that has been stored on their device during their employment and you will not get the chance to erase it.
What’s more, they may not be keeping their software up-to-date, which opens up security holes in your environment. We keep stressing the importance of applying software patches in a timely manner and for a good reason.
Consequently, we would advise against letting your employees use their personal devices at work since it would be difficult for you to control what happens on their endpoints.
3. Ignoring Basic Physical Security Practices in Public Places
Even if cybersecurity is our focus, we can’t completely leave physical security behind when it comes to your company’s sensitive information. For example, there are employees who may be talking loudly on the phone while working in public places, expose their laptop’s screen for the entire crowd inside a café to see or even leave their devices unattended.
Companies should teach their employees even the most basic security measures, even if they may seem like common sense at first glance. A friendly reminder for them not to expose the data of your business will always be of great benefit.
4. Using Weak Passwords
Even if an organization uses VPNs, firewalls, and other cybersecurity solutions in order to keep safe your remote network, human error happens when employees attempt to protect their accounts with weak passwords.
Cybercriminals are aware that human error is easier to exploit than trying to get past an advanced security solution, which is why they will attempt to crack account passwords in order to access private company data.
Hackers use a variety of measures to crack passwords. For instance, they will put together lists of frequently used passwords that can be used to easily access poorly protected accounts.
Repeat passwords are another usual insecure operation that cybercriminals use. Once they crack the password to one account, they will attempt to access other accounts with that same password. Workers who repeat passwords, especially across personal and business accounts, are at a higher risk of becoming victims of a cyberattack.
5. The Practice of Unencrypted File Sharing
While organizations may think to encrypt information that’s stored on their network, they may not consider encrypting data when it’s in transit from one place to another.
Your employees share so much private data every day, from client account information to files and more, that your company cannot afford to not secure this information from being seized by a cybercriminal. If sensitive company information is intercepted, it can lead to identity fraud, ransomware cyberattacks, theft, and more.
Remote Work Security Risks for Companies
Your remote employees may be unknowingly putting your company’s data at risk. Working from home can potentially cause data breaches, identity theft, and a host of other negative results.
1. Email Scams
Your employees who work remotely can become the biggest threat to your network’s security. By unknowingly following cybersecurity worst practices, employees can actually be the ones giving threat actors access to your network and your company’s private information.
When company operations suddenly or temporarily change to remote work, employees can become confused as to how to continue to work securely.
The most important cyber threat to remote employees is phishing strategies.
Phishing schemes involve an individual or entity masquerade as a legitimate source, usually over email, to fool a victim into providing private login credentials or privileged information, which can then be employed to break into accounts, steal more confidential information, perform identity fraud, and much more.
Phishing emails have become so sophisticated that it is increasingly becoming more challenging for employees to notice them, especially when phishing emails make it past email filters straight to an employee’s main inbox.
2. Security Controls Are Weaker
The weakening of security controls goes far beyond relaxing firewall rules and email policy. Multiple existing layers of cyber protection will not apply to remote employees. Workers suddenly taking their work devices home with them will find themselves stripped of defense as they replace the office network with their home Wi-Fi.
Client devices will remain unprotected and exposed to possible unsecured networks amongst potentially compromised devices now that NAC, IDS, and NGFW or proxy servers don’t exist anymore. Furthermore, internal network security could also be compromised. Remote workers might need access to resources formerly only accessible on a wired network in one location.
3. Cyberattacks on Remote-working Infrastructure
Apart from the weakening of existing controls, spinning up new infrastructure will generate new risks. Security teams should be on alert for brute force and server-side attacks. DDoS protection will also become essential.
For multiple organizations, this will be the first time that a DDoS attack could destroy their business by preventing remote workers from accessing services over the internet. Researchers expect to see a sharp increase in both of these forms of attack.
4. Threats Everywhere
There are remote work security risks everywhere! Unfortunately, there will be individuals inside our own organizations that want to kick us while we are already in a difficult situation. Sudden remote working is a blessing for malicious insiders. Sensitive information can now be easily stolen from a company device over USB within the privacy of their own home.
Security monitoring may be destroyed or deactivated completely. This risk is harder to tackle. It may not be eliminable, but it can be balanced against the need for productivity and access to data.
People around us may also represent a threat. Yes, you heard it right! Most of us think we live with people we can trust, but from a company point of view, their staff homes are zero-trust environments. Private discussions can now be heard, intellectual property can be seen on screens and monitors in living rooms everywhere in the world. The solution? We need to educate all our employees in order to safely work from home.
Creating a Work-from-home Security Policy
So, how do you protect your company’s private data when you can’t fully control the devices used to access your network? Where should you start to make sure your remote workforce is secure? How can you reduce the cybersecurity issues with remote work?
The first step is to create a security policy specifically designed for remote workers. 93% of the IT professional interviewed in the OpenVPN study already have a formalized remote work policy in place and this is quite impressive and reassuring.
Below are the essential security clauses that should be included in your remote work policy:
- Clearly define which positions are eligible for remote work.
Be transparent towards your employees. Everyone should be aware which job functions are allowed to work remotely are which are not due to security reasons. Unfortunately, not every position is a good fit for remote work. If you don’t have a clear guide in place, chances are your work-from-home approvals will be judged as unfair.
- List the tools and platforms they should be using.
Both your remote and on-site employees should be on the same page at all times and use the same approved tools, such as cloud storage platforms, communication/video conferencing tools, project management tools, etc.
- Provide employees with steps to follow at the first signs of account compromise.
If they believe the company’s information has been compromised, they should have a clear guide to follow, such as where they should report the incident, be instructed to immediately change their passwords, etc. These steps should be included in their mandatory cybersecurity training, alongside other items such as how to create strong passwords.
Best Practices to Avoid Security Risks When Working from Home
Here are the fundamental tools that both your regular and remote employees should have installed on their devices:
1. Multi-factor authentication
This type of authentication will act as an additional layer of security on top of your remote employees’ accounts. The more security layers in place, the little the risk of cyber-criminals gaining access to your sensitive systems.
2. Password Manager
Besides multi-factor authentication, in regards to passwords, your employees should also be using a password manager. This way, they will not need to remember all of the different passwords that they need to set up for their work-related accounts.
VPN connections are crucial when your employees connect to unsecured networks, such as Wi-Fi hotspots, even when they work from home. It’s recommended for your employees to be using your company’s VPN. What this tool does is route the traffic through the internet from your organization’s private network, ensuring even more security. Basically, anyone who tries to intercept the encrypted data will not be able to read it. And this way, your employees will be able to connect to your company’s intranet, the private network designed to be used only by your company’s staff (in case you have one).
A firewall will prevent unauthorized access to and from the network, further strengthening the security of your employees’ devices. What firewalls do is monitor network traffic, at the same time finding and blocking unwanted traffic. So, firewalls are important tools that will protect your remote endpoints against various cyber threats.
5. A strong EDR solution
Last but not least, your system administrators should be able to see the exact details of your endpoints at all times. This is why it’s recommended you deploy a complete endpoint detection and response (EDR) solution, that will allow you to remotely prevent next-gen malware, data leakage, respond quickly to threats, and automatically manage software deployment and patching.
- Next-gen Antivirus & Firewall which stops known threats;
- DNS traffic filter which stops unknown threats;
- Automatic patches for your software and apps with no interruptions;
- Privileged Access Management and Application Control, all in one unified dashboard
Cybersecurity and Remote Work Statistics
In a recent study, OpenVPN reported that 90% of IT professionals believe remote workers are not secure. At the same time, over 70% think remote staff poses a greater risk than onsite employees. So, the good news is that experts are actually acknowledging remote work security risks and this is the first step towards addressing the issue.
Last year, a Kaspersky survey revealed 68% of remote workers use personal devices for work — which in 2021 conditions is nowhere near surprising. What is problematic is the content these personal devices are subjected to outside of working hours. They also found 3 in 4 (73%) employees working from home during the COVID-19 pandemic have not yet received any specific cybersecurity awareness guidance or training from their employer. Additionally, 1 in 4 (27%) employees said they have received phishing emails related to COVID-19.
It’s crucial for you to remain innovative and competitive in the current business landscape and allowing your employees to work remotely is definitely a necessary step. Yet, remote work comes with security risks that you should address before you allow anyone to work from outside the office – no matter if we’re talking about permanent remote workers or the ones who do it just a few hours per month. However, only when you will correctly respond to this challenge, will you be capable of fully seizing this opportunity that increases talent retention, productivity, and improves your staff’s work-life balance.
This article was originally published by Bianca Soare on October 18th, 2016, and was updated by Antonia Din in July 2021.