2020 and the global health crisis triggered a mass shift from office-based working to remote home working, and despite challenges around collaboration and the increasing concerns around cyber security, this looks to be a trend that is here to stay.
Recent Office for National Statistics (ONS) studies state that 85% of working adults want to use a hybrid approach to both home and office working and over two fifths of organisations confirming they will move forward with a hybrid model. This means that those temporary concerns around cyber security while working from home will require a permanent fix.
Why does remote working increase the cyber security risk?
Remote working removes two key methods of mitigating the risk of a cyber-attack; a fixed office location and people.
- With employees working from different locations and using different internet access points you are expanding the footprint of your organisation and increasing the “attack surface” and number of potential entry methods to your data.
- With employees working at home, away from their colleagues the potential for an attack via phishing or ransomware increases. It’s not as easy as it used to be to check if that email is really from accounts.
Facilitating remote working and mitigating the risk
With remote working set to stay and the cyber threat landscape growing – , malware threats alone increased by 358% in 2020, it is no surprise that “77% of businesses say that cyber security is a high priority” [Cyber Security Breaches Survey, 2021].
The first step in mitigating cyber security risks is recognising that it cannot be “solved”, this is an ongoing and evolving risk that organisations need to monitor and address constantly.
There are, however, 4 key actions that organisations and their employees can introduce to reduce the risk when working remotely.
Don’t use public networks
Public networks lack security, which means other people can access the network easily as there is no firewall protecting you from malicious intent.
Educate your employees on Phishing attempts
Cyber attacks will come in the form of familiar names, faces and organisations. Train staff to spot the impersonators and suspicious links to prevent any ransom or malware attempts.
Implement a Business VPN
A Virtual Private Network (VPN) offers two key benefits: privacy and security. A VPN will prevent your IP address, location, and search history from being tracked and allow you to access and share your data in a secure environment.
Introduce multi-factor authentication
Multi-Factor Authentication (MFA) requires two or more verification methods to gain access to organisational platforms. This reduces the potential impact of an unauthorised access due to one level of security.