Lockdown in the UK has seen a sharp increase in employees working from home. This has opened the floodgates to numerous forms of data transmission back and forth between remote employees and their office. The result is that data security risks have risen significantly. Not only is this down to human error (although that is the most common form of data breach), but also includes fraudsters looking to exploit the vulnerability of businesses. The fallout from coronavirus-related breaches may not become clear for weeks, months or even longer. So, what are the most common risks?
Borrowing company equipment
Most employees will have been loaned computers and other devices to use while working remotely. Companies need to carefully consider potential risks and understand how they can be mitigated.
If employees are not using a virtual private network (VPN) to access shared company assets, then maybe now is the time to do so. Home WiFi networks are not likely to be as secure as a work network. Using a VPN will help to protect the connection, otherwise this could leave services exposed to hacking and allow unauthorised access to data.
Another common risk is the standard of PC security software. Employees may find their home PC is faster than the work laptop they’ve been given to use. Maybe they have used a USB stick to transfer large files back and forth between the PCs to speed things up. Clear protocols must be in place to prevent such practices.
Whether it is web security gateways, cloud security defences, encryption, or anti-malware applications, the reality is that significantly fewer of these are likely to be available at home or, if they are available, they could be poorly configured. The use of one-time codes sent to trusted phones or using a one-time PIN generation app, can help.
Using online video calls and video software
Zoom is just one of several popular online conference tools that employees have been using to stay connected. But all screensharing apps have vulnerabilities if not used correctly and the right security protocols are not adhered to.
Meeting calls that are not secured by a password can be easily attacked by hackers. Businesses must ensure their teams only send meeting invitations with an associated password – especially if it contains sensitive information. This includes financial spreadsheets, HR files and CRM databases. This will also limit the risk of a data breach. The use of a strong password, created by a random password generator will help to provide a link which cannot easily be hacked.
With over 90% of cyber data breaches down to human error, you can reduce the risk of breaches with effective training. In turn this will avoid fines from the Information Commissioner’s Office and the potential reputational damage that follows.
Ninety percent of the 2376 cyber-breaches reported to the ICO last year were caused by end-user mistakes. With the rise in homeworking, this figure is likely to rise dramatically over the coming months.
Sending emails to the wrong recipients, downloading a malware-infected attachment or failing to use a strong password are all ways that human error could ultimately lead to a data breach. Many of these lapses in judgement happen due to lack of knowledge, because the employee is tired, distracted or not paying attention.
There is no better time than the present to raise the security awareness of employees through training. Such training will remind people about good remote security practices.
iCaaS is The Trusted Standard in Data Protection and, in addition to its data security platform, provides highly cost effective training for all staff. This training is comprehensive, low cost and provided online. In conjunction with the iCaaS cloud-based, data compliance solution the training supports companies to become and remain GDPR compliant. The iCaaS software does all the hard work of achieving compliance and ultimately minimises the risk of data breaches – especially those posed by home working. By securing your business the iCaaS platform will save you time and money. More importantly it will secure your staff and help to build confidence and trust within your customer base.
For further information, go to: