We all are facing a new reality and a new normal during this crisis: working from home. And even though creating secure remote access to your company's resources falls on your IT (Information Technology) department, every team member is responsible for taking the proper security precautions as they work remotely, especially from home.
Working from home with its many distractions can lead to unhealthy habits, and simple unintended mistakes can cause your company at massive risk.
When a breach happens, you do not want to be the one they can trace it back to.
To help, we have Identified The 5 most common cyber-security mistakes remote workers make.
Using personal devices for work: How often have you used a personal device while working from home? If you answered, "all the time," you are not alone. It is estimated that 80% of remote workers use personal devices to connect with company resources. With the proper security measures in place, this does not have to be a problem, but the reality is, many remote workers treat their personal devices with much less caution than they do work-supplied laptops and phones. It is not unusual for people to allow family and friends access to their devices when working from home. And these people will often use the device to unsafely surf the web in unsafe ways, causing risk to your company's network and important assets.Takeaway: When working at home, you need to treat every device like it is a company device!
Not updating your computer or smartphone: The computers and mobile devices that remote workers use are set to download and install updates automatically. Problems occur when people turn that option off on their personal devices because it often happens at an unwanted or awkward moment. So, they mistakenly turn it off!During this crisis, while you work from home, your employer depends on you to protect your personal computer or smartphone. If your computer or devices are not updated, you are leaving yourself exposed to a cyberattack, which in turn exposes your company and your customers.
Not logging out! It is one thing to stay logged-in all day when working at the office, which your IT department will tell you is a bad idea. It is a whole other can of worms if you do this working from home.For example, let us say you leave your computer on, logged-in and open, and walk away from it at home. If a child were to walk by, jump on, and open any risky online games on your computer, your company would be exposed to all kinds of cyber-security risks.Takeaway: Always, always make sure you log out every single time. If you are using multiple tabs, also double-check you have closed everything work-related before venturing elsewhere online.
Letting your defenses down with phishing and corrupt emails: Workers suddenly finding themselves working remotely are extremely vulnerable to phishing attacks. The two main reasons for this are remote workers are now a much bigger target for cyber-criminals. And poorer security behavior by people working from home.Remote workers are being bombarded with phishing attacks during this pandemic, and phishing attacks are up 78% since the start of this crisis. In addition, employees working from home are in a more comfortable place and are much less security conscious than when working at the office.
Takeaway: Be proactive and revisit your companies phishing email policies and take it upon yourself to keep yourself up to date on any new phishing scams. Keep in mind, 90% of breaches are caused by employees clicking on a phishing email.
- Not securing your computer, devices, and apps at home: When you worked at the office, your IT department taught you always to log off and secure your computer and desk when you leave your workspace. Many people think that this precaution no longer needs to be followed at home, but the exact opposite is true.You have family members, roommates, and young children who have easy access to every device at home. This means when working at home or anywhere remotely, you need to follow all the security processes you used at work, like secure logins and physically securing your devices when unattended.
Takeaway: Do not turn off your automatic updates and do them within 24 hours of when they occur!
Working from home can be a good thing and something you can do for the long-term, not just during this coronavirus crisis. But you must maintain good cybersecurity habits and keep your computer and data safe from all outsiders.
Keep in mind that cyber-security studies have clearly shown that employees are the weakest link for companies. It is your responsibility, along with your team members, to keep your company protected!