How Remote Working can put your business at greater risk of Cyber-Attacks

Published: 20 August 2021

2020 and the global health crisis triggered a mass shift from office-based working to remote home working, and despite challenges around collaboration and the increasing concerns around cyber security this looks to be a trend that is here to stay.  

Recent Office for National Statistics (ONS) studies state that 85% of working adults want to use a hybrid approach to both home and office working and over two fifths of organisations confirming they will move forward with a hybrid model. This means that those temporary concerns around cyber security while working from home will require a permanent fix.  

Why does remote working increase the cyber security risk?  

Remote working removes two key methods of mitigating the risk of a cyber-attack; a fixed office location and people.  

  1. With employees working from different locations and using different internet access points you are expanding the footprint of your organisation and increasing the “attack surface” and number of potential entry methods to your data.  
  2. With employees working at home, away from their colleagues the potential for an attack via phishing or ransomware increases. It’s not as easy as it used to be to check if that email is really from accounts.  

Facilitating remote working and mitigating the risk

With remote working set to stay and the cyber threat landscape growing – , malware threats alone increased by 358% in 2020,   it is no surprise that “77% of businesses say that cyber security is high priority” [Cyber Security Breaches Survey, 2021].  

The first step in mitigating cyber security risks is recognising that it cannot be “solved”, this is an ongoing and evolving risk that organisations need to monitor and address constantly.  

There are, however, 4 key actions that organisations and their employees can introduce to reduce the risk when working remotely. 

Don’t use public networks 

Public networks lack security, which means other people can access the network easily as there is no firewall protecting you from malicious intent.  

Educate your employees on Phishing attempts 

Cyber attacks will come in the form of familiar names, faces and organisations. Train staff to spot the impersonators and suspicious links to prevent any ransom or malware attempts.  

 Implement a Business VPN 

A Virtual Private Network (VPN) offers two key benefits: privacy and security. A VPN will prevent your IP address, location, and search history from being tracked and allow you to access and share your data in a secure environment.  

 Introduce multi-factor authentication 

Multi-Factor Authentication (MFA) requires two or more verification methods to gain access to organisational platforms. This reduces the potential impact of an unauthorised access due to one level of security. 

Read More

MFA: why you need additional Cyber Security defence  

14 March 2024

MFA (Multi Factor Authentication) is a great tool for adding an extra cyber protection, however it's not enough on its own.

Is an annual penetration test really necessary?

13 March 2024

Do you need an annual Penetration Test? Our CTO Simon Barnes discusses everything from what is insurance mandated and the risks involved.

Ransomware – A threat to all organisations

29 November 2023

Our CTO takes a look at the reality of Ransomware and what you can do to protect your organisation

Summary of the NCSC’s latest report on Ransomware

15 November 2023

Read more...