Remote Work Is Great (for hackers, that is)
image credit: Credit: Wikipedia
- Nov 23, 2020 4:56 pm GMTNov 23, 2020 2:41 pm GMT
- 471 views
The move to remote work has opened a cybersecurity Pandora’s box, according to a new report.
Covid-19 shutdowns created a need for rapid enterprise technology implementation. This resulted in security and compliance gaps and potential data breach opportunities.
According to the report from SailPoint, a distributed workforce means hackers can capitalize on the potential for unsecured workforce access across multiple user access points. Password frailties and lax cybersecurity best practices also present security gaps.
The report said that many businesses skipped some of the critical security requirements of remote work, like identity security, revealing existing holes in security infrastructure and widening the threat landscape. Hackers’ tactics mean one of the largest threats posed to businesses can be remote workers themselves.
According to the report, 48% of total U.S. respondents said they had experienced targeted phishing emails, calls, or texts in a personal or professional capacity during the first six months of remote work. The report said that working from home lends itself to sharing sensitive company data and communicating via virtual platforms.
“It is a digital gold mine for hackers who own all the tools necessary to infiltrate a company when key defenses are down,” the report said.
Device sharing with spouses, children, and other family members also is typical, the report said. Workers also use the same technologies for different personal needs – such as checking personal email or social media channels and online shopping. Such practices increase risk by creating multiple entry points and introducing security vulnerabilities.
The report said that 1 in 3 U.S. employees reported using their own computer and smartphone to enable remote work, while 17% reported using a computer and smartphone owned by their employer.
What’s more, nearly a third of those under 25 admitted to sharing their passwords; the most significant sharers were those aged 25 to 34 (39%). The survey found that the older the group was, the lower the overall risk of password sharing.
For example, those 35 to 44 (26%) and 45 to 54 (20%) shared login credentials significantly less than their younger counterparts. But those aged 55-65+ were the most password secure, with only 17% admitting to swapping credentials.
The report said that many organizations are operating under dated protocols. While protections like password resets, regular security training, and providing employees a more secure approach to accessing files and folders are important, organizations need to better address who has access, should have access, and what they are doing with that access.
The report said that “With so many new tools, platforms, databases, clouds, and everything else introduced rapidly to enable collaborative business continuity, organizations require scalable identity security solutions to protect what they cannot see.”