SEBS IT Colour Strip

Blog Archive

Home Working

5 Home Working Security Threats

Remote working has increased over the past few years and for a lot of businesses is now the norm. Many organisations that had never previously considered having their employees work from home have jumped on the remote bandwagon. For many businesses offering staff the option to work from home or the office is simply business as normal, Some now even require staff to work from home full time.

Having staff work remotely is an attractive option, helping employees create a healthy work/life balance and achieve more freedom and flexibility. For a business, this can help save both time and money whilst having an overall positive effect on staff morale.
There’s no question that remote work has many benefits for everyone involved. although along with the benefits, there are a handful of threats that every business with remote workers should be aware of.
Remote working security risks occur simply because staff are using their home networks and in some cases their own devices to complete their work. This can introduce vulnerabilities and expose your business to multiple cyber security threats, with machines using unsecured Wi-Fi or simply being left unattended or shared with other people, which could eventually lead to a Data Breach

Your business may be doing everything it can to protect its head office and primary network, However, an attacker only requires the smallest window of opportunity to break through all the barriers you have in place. It is essential all endpoints are equally protected to prevent security threats and protect your data no matter where your staff are working.

5 Most Common Remote Work Security Threats

1. Phishing Emails

Almost all hacking attempts originate from Phishing emails, These attacks (as the name implies) come through email, usually encouraging the user to click a link or open an attachment, for the purpose of harvesting either login details from the user or installing software to allow the hacker remote access to the machine.

If a phishing attempt is successful, they often lead to malware infection which for around 50 percent of companies leads to either a full data breach or an unrecoverable loss of data.

Phishing scams are often extremely well put together and can be very difficult to identify in comparison to a legitimate email, User training can help employees spot the signs that all may not be well and prevent them from becoming a victim of this common threat.

As part of SEBS IT managed cyber security we offer both user training and Phishing simulation to help your team avoid phishing scams.

2. Unsecured Home WiFi Networks

Most home workers will be using their home Wifi to access their companies' data, In most cases this is fine but there are of course some potential risks.

Home Wi-fi devices and routers are not normally as strong or up-to-date as their business counterparts and often remain unpatched against flaws discovered since their installation. The smallest security gap is an opening for a hacker to gain access to your company's data. The most common failure on home equipment is being left with either its default password or a well-known password.

Preventing hackers' access to your business via home wifi is a key part of your cyber defence and one that is easy to deal with. Making sure employees know to change any default passwords along with ensuring all devices are kept up to date with the latest firmware and software, will ensure the use of home wifi is not a risk to your business.

SEBS IT can train your employees to maintain their home equipment or advise on stronger more robust home solutions to ensure your data is kept safe.

3. Poor Passwords

Not just a home working problem, poor passwords are a business-wide problem. With home workers having a direct link to your data from home, ensuring it is protected by a strong password is a must.

It is common for staff to have multiple passwords for various accounts and devices, with so many passwords to keep track of they typically end up stored on their phones or simply written down on a scrap of paper.

These practices put your company at risk by having no controls in place to manage passwords, in turn, this makes home workers an attractive target for hackers who will often target remote workers knowing they will most likely be an easy target without strong security measures.

Put a password policy in place to ensure employees are creating and using strong passwords that don't contain easy-to-guess or personal information and are routinely changed. Better yet consider implementing multifactor authentication (2FA / MFA) or Password management software

SEBS IT can advise on proper password control policies and implement 2FA and password management for your business.

4. Sharing of Unencrypted Files

All businesses have files and data that need to be transmitted between people as part of just doing business. Remote workers are most likely to circumvent or not be included in any security or encryption policies a company may have in-house.

This could result in employees transmitting data unencrypted across a public network (The Internet) which could easily be intercepted without anybody's knowledge. Using services that offer secure file sharing is a must for protecting your data when outside of the office.

SEBS IT can advise secure file sharing solutions such as Dropbox, WeTransfer and One Drive, Or implement your own private file sharing solution based on Nextcloud.

5. Unsecured Home Devices

Many (if not most) remote workers use their own devices to access the business network when they work from home. Being personal devices they generally won't have the same security services that a business device would normally have, such as Firewalls, Modern Antivirus and Antimalware, Additionally these devices are commonly shared amongst family members, so whilst you may be confident in your staff, but can you say the same for their family, protection of your data would have little to no importance to them.

SEBS IT can advise on security solutions for home workers, Such as Single Sign-On and VPN services which would prevent data leakage from previously unsecured devices, all designed to protect your number one asset.
SEBS IT

SEBS IT

Cyber Security