Two Thirds Of Organizations Suffer Breaches Due To WFH

The remote workplace is now popular across the world thanks to the rapid response to the covid pandemic. While many companies will have now been operating a remote or hybrid structure, a recent survey by security company Fortinet reveals that the remote workplace poses a significant security threat.

The 2022 annual report from the Internet Crime Complaint Center (IC3) shows that data breaches cost the US over $450m, a growth of 148% since 2020.

This demonstrates that, though employers are continuing to offer more flexible working options for their employees, they aren’t committing to keeping their networks secure.

Remote or hybrid workplaces offer unique challenges to data security and some companies may still be encountering new issues even two years into the process. However, the cost of insecure networks and lax document security is too high to not take every step possible to prevent breaches.

WFH Security Issues & The Procedure To Manage Them

Working from home of course means using your home WiFi network, which is undoubtedly more vulnerable than networks set up for business use. The security of an employee’s home network is also difficult and sometimes expensive to assess, meaning many companies will not be able to afford to do it or don’t have the infrastructure in place to do so.

There is technology available to assess personal WiFi systems but this is most likely unaffordable for most small businesses. Therefore, other steps need to be taken to ensure your staff know how to set up their own security. This could include guides on reviewing firewalls, the option to add antivirus software and providing IP addresses to your security team.

Additionally, some small businesses that began remote working in 2020 and have continued the policy may not have been able to offer devices to everyone working from home and are now experiencing issues with security because of this. Even with devices provided by the company, asset management poses a threat to security, particularly when employees leave the business or travel frequently.

Similar to the previous point, you may need to offer your staff security options to keep devices safe. It’s also important to ensure all staff have a strong awareness of their role in maintaining security in their work through regular training. Human error is always the most significant vulnerability and network issues only compound this challenge.

Not only do virtual documents pose challenges, but there are also security issues whenever employees need to use physical documents when working from home. As different kinds of data need to be disposed of in different ways to ensure security compliance, this is not always possible in a home office environment.

For any employees handling physical documents, training must be provided and regularly refreshed on how and when to properly dispose of data. You may also need to purchase equipment like a compliant shredder for your employees’ home offices. This will be necessary if your team works remotely often but may not always be affordable.

Ultimately, if these challenges are too expensive or difficult to manage, you may need to reassess your working-from-home policy. This could mean that some employees need to be in the office more than others or that remote working isn’t a possibility for your staff. Though many companies are working on a hybrid model, the level of insecurity this causes could be too much to risk for your company.

How The Remote Workplace Has Made Data Security Even More Essential

The Fortinet survey also found that most organizations haven’t mitigated the risks related to home working in the two years since the practice has become more commonplace. Since the data shows that the cost of data breaches has more than doubled in this same period, this highlights how essential security measures are.

Whether it’s virtual or physical data, every business needs to ensure they have thorough policies, the right technology and a competent awareness from all staff on how they can protect the boundaries of your organization from breaches.

Kyle Mitchell is Commercial Sales Director at Whitaker Brothers

You Might Also Read 

Retrofixing The Remote Workforce:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Manchester University Hacked
Meta Is Building A Rival To Twitter  »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Internet Security Alliance (ISA)

Internet Security Alliance (ISA)

ISA is an international trade association providing thought leadership in advancing a sustainable system of cyber security.

Planit Testing

Planit Testing

Planit is a leader in Quality Assurance and a specialist in software testing and training services.

Cyber Risk & Insurance Forum (CRIF)

Cyber Risk & Insurance Forum (CRIF)

CRIF helps organisations understand cyber risks and the damage that might occur by supporting the development of effective insurance solutions.

Ridgeback Network Defense

Ridgeback Network Defense

Ridgeback is an enterprise security software platform that defeats malicious network invasion in real time. Ridgeback champions the idea that to defeat an enemy you must engage them.

SentryBay

SentryBay

SentryBay is a real-time data security company developing technology for PC, mobile, the cloud and IoT.

Emsisoft

Emsisoft

Emsisoft protects your devices against all types of malware, ransomware and other threats with no-bloat anti-malware & antivirus solutions.

Baffin Bay Networks

Baffin Bay Networks

Baffin Bay Networks operates globally distributed Threat Protection Centers™, offering DDoS protection, Web Application Protection and Threat Inspection.

IFE Digital Systems

IFE Digital Systems

IFE Digital Systems conducts research, development and consultancy in risk, safety and security related to digital systems in critical infrastructure.

iosiro

iosiro

iosiro was created to guide companies through securely using blockchain technologies. We help teams launch and manage ICOs, deploy secure dApps, and integrate private networks into business practices.

Symantec

Symantec

Symantec delivers data-centric hybrid security for the largest, most complex organizations in the world – on devices, in private data centers, and in the cloud.

Avancer Corporation

Avancer Corporation

Avancer Corporation is a multi-system integrator focusing on Identity and Access Management (IAM) Technology. Founded in 2004.

Cynalytica

Cynalytica

Cynalytica deliver pioneering cybersecurity and machine analytics technologies that help protect critical infrastructure, securely enable Industry 4.0 and help accelerate digital transformation.

Crypto Legal

Crypto Legal

Crypto Legal is a leading UK-based law firm specialising in blockchain forensics and legal services.

Kong

Kong

Kong - powering the API world. Increase developer productivity, security, and performance at scale with the unified platform for API management, service mesh, and ingress controller.

Evolve Business Group

Evolve Business Group

Evolve is an independently-owned managed network solutions provider, creating bespoke packages for customers globally since 2005.

Clumio

Clumio

Clumio provides autonomous backup and recovery for critical cloud data.