Two Thirds Of Organizations Suffer Breaches Due To WFH

The remote workplace is now popular across the world thanks to the rapid response to the covid pandemic. While many companies will have now been operating a remote or hybrid structure, a recent survey by security company Fortinet reveals that the remote workplace poses a significant security threat.

The 2022 annual report from the Internet Crime Complaint Center (IC3) shows that data breaches cost the US over $450m, a growth of 148% since 2020.

This demonstrates that, though employers are continuing to offer more flexible working options for their employees, they aren’t committing to keeping their networks secure.

Remote or hybrid workplaces offer unique challenges to data security and some companies may still be encountering new issues even two years into the process. However, the cost of insecure networks and lax document security is too high to not take every step possible to prevent breaches.

WFH Security Issues & The Procedure To Manage Them

Working from home of course means using your home WiFi network, which is undoubtedly more vulnerable than networks set up for business use. The security of an employee’s home network is also difficult and sometimes expensive to assess, meaning many companies will not be able to afford to do it or don’t have the infrastructure in place to do so.

There is technology available to assess personal WiFi systems but this is most likely unaffordable for most small businesses. Therefore, other steps need to be taken to ensure your staff know how to set up their own security. This could include guides on reviewing firewalls, the option to add antivirus software and providing IP addresses to your security team.

Additionally, some small businesses that began remote working in 2020 and have continued the policy may not have been able to offer devices to everyone working from home and are now experiencing issues with security because of this. Even with devices provided by the company, asset management poses a threat to security, particularly when employees leave the business or travel frequently.

Similar to the previous point, you may need to offer your staff security options to keep devices safe. It’s also important to ensure all staff have a strong awareness of their role in maintaining security in their work through regular training. Human error is always the most significant vulnerability and network issues only compound this challenge.

Not only do virtual documents pose challenges, but there are also security issues whenever employees need to use physical documents when working from home. As different kinds of data need to be disposed of in different ways to ensure security compliance, this is not always possible in a home office environment.

For any employees handling physical documents, training must be provided and regularly refreshed on how and when to properly dispose of data. You may also need to purchase equipment like a compliant shredder for your employees’ home offices. This will be necessary if your team works remotely often but may not always be affordable.

Ultimately, if these challenges are too expensive or difficult to manage, you may need to reassess your working-from-home policy. This could mean that some employees need to be in the office more than others or that remote working isn’t a possibility for your staff. Though many companies are working on a hybrid model, the level of insecurity this causes could be too much to risk for your company.

How The Remote Workplace Has Made Data Security Even More Essential

The Fortinet survey also found that most organizations haven’t mitigated the risks related to home working in the two years since the practice has become more commonplace. Since the data shows that the cost of data breaches has more than doubled in this same period, this highlights how essential security measures are.

Whether it’s virtual or physical data, every business needs to ensure they have thorough policies, the right technology and a competent awareness from all staff on how they can protect the boundaries of your organization from breaches.

Kyle Mitchell is Commercial Sales Director at Whitaker Brothers

You Might Also Read 

Retrofixing The Remote Workforce:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Manchester University Hacked
Meta Is Building A Rival To Twitter  »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Security Compass

Security Compass

Security Compass, the Security by Design Company, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows.

Thales

Thales

Thales provides solutions, services and products that help its customers in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions.

ISACA Conferences

ISACA Conferences

ISACA is dedicated to offering the most dynamic and inclusive conferences to keep you abreast of the latest advances in IT and Information Security.

Yubico

Yubico

Yubico sets new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts.

Smoothwall

Smoothwall

Smoothwall develop intelligent web filtering, Monitoring and security solutions designed to protect users worldwide.

Ergon Informatik

Ergon Informatik

Ergon Informatik AG is Switzerland's leading provider of customised software solutions and software products including fraud detection and the Airlock web security suite.

ReFoMa

ReFoMa

ReFoMa is a consultancy and advisory company with a focus on information Security.

Mvine

Mvine

Mvine's primary business is authoring and selling Cyber-Secure Platforms for Collaboration Portals and for Identity Management as well as delivering cloud support services.

IberLayer

IberLayer

IberLayer is the company behind the Email Guardian service, a cloud based Email Total Protection system that filters and blocks email threats.

Noventiq

Noventiq

Noventiq (the brandname of Softline Holding plc) is a leading global solutions and services provider in digital transformation and cybersecurity.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

Yotta Infrastructure Solutions

Yotta Infrastructure Solutions

Yotta Infrastructure, a Hiranandani group company, provide Datacenter Colocation and Tech Services such as Cloud services, Network & Connectivity, IT Security and IT Management services.

Arakyta

Arakyta

Arakÿta specializes in business strategy, work flow process and IT systems for organizations.

Arculus Cyber Security

Arculus Cyber Security

Arculus Cyber Security enables customers to securely realise the benefits of digital transformation through pragmatic solutions, guidance and services.

Kontra

Kontra

Kontra application security training is an interactive and intuitive learning experience that engages developers.

Ebryx

Ebryx

At Ebryx, we are at the forefront of cybersecurity innovation, leveraging over a decade of expertise to protect and empower organizations worldwide.