A recent issue of Business in Calgary featured 403Tech President Scott Gallupe, who offered insight as to how local businesses can protect their IT systems from cybersecurity threats while working remotely.
The remote work model offers a number of benefits that you’ve likely taken notice of over the course of the pandemic. Remote workers have seen the benefits as well:
However, for all the ways remote work is beneficial to both the organization and end-users, it’s not without its challenges — especially cybersecurity. 36% of organizations have dealt with a security incident due to an unsecured remote worker.
According to Morphisec’s Work-from-Home Employee Cybersecurity Threat Index, 20% of workers said their IT team had not provided any tips as they shifted to working from home. Is that the case for your remote workers?
Our very own President Scott Galupe was recently featured in a Business In Calgary article which explored the intersection of remote work and cybersecurity. The issue is that, as the use of video conferencing and file sharing solutions has ballooned with the global shift to remote work, there hasn’t been an equal adoption of remote cybersecurity solutions and processes.
“In the COVID world, where we are finding a lot of issues, people are moving away from their work, which has the necessary firewalls, and are now working from home on computers that might not offer that same level of security,” said Scott in the article.
The result is a major gap in cybersecurity. Those working from home may inadvertently put their organizations at risk.
For example, at its height, Zoom logged more than 300 million daily participants in a given month. At the same time, as many as 500,000 Zoom passwords were posted for sale on the dark web in April 2020.
As Scott noted, cybercriminals aren’t always interested in “zoombombing” or harassing professional meetings. More often, they may simply eavesdrop and try to gain information that will allow them to access other parts of the virtual workspace.
“The goal isn’t necessarily to hack into your call to gain information through that platform. It’s to piggyback onto another platform that you might use,” said Scott in the article. “Maybe you’re sharing similar credentials with your server account or your email? Once they’re in, that’s the scary part.”
If you don’t have a properly secured meeting, or if there are so many in attendance that you wouldn’t notice an additional member, then it’s rather easy for cybercriminals to sneak in. That’s why it’s so important to have the right security solutions and processes in place.
The fact is that, when the COVID-19 crisis hit, it hit fast. Despite what, in retrospect, may have seemed like a gradual build-up, it was virtually over the course of a single weekend in March that businesses across the US had to pivot to a remote work model.
Obviously, the first priority was maintaining business continuity. Businesses needed to make sure their newly remote workers had the technology and the remote access necessary to do their work.
But the process doesn’t end there — security is a complicated undertaking for remote work models, and needs ongoing attention. Continuing with a remote work model, whether entirely or in part, will require:
If you plan to continue with remote work in one way or another, you may need to change your model of IT support — as you and the other c-level executives at your business have likely discovered since the start of the pandemic, your ability to work remotely and securely depends directly on your IT support.