Half of employees are cutting corners with regards to cybersecurity while working from home – and could be putting their organisation at risk of cyber attacks or data breaches as a result.
The coronavirus pandemic has forced both employers and employees to quickly adjust to remote working – and often without the watchful eyes of the IT and information security teams, workers are taking more risks online behaviour and handling data than they would at the office.
Analysis by researchers at cybersecurity company Tessian reveals that 52 percent of employees believe they can get away with riskier behaviour when working from home, such as sharing confidential files via email instead of more trusted mechanisms.
According to Tessian’s The State of Data Loss Report, some of the top reasons employees aren’t completely following the same safe data practices as usual include working from their own device, rather than a company issues one, as well as feeling as if they can take additional risks because they’re not being watched by IT and security.
SEE: Coronavirus: Effective strategies and tools for remote work during a pandemic
In some cases, employees aren’t purposefully ignoring security practices, but distractions while working from home such as childcare, room-mates and not having a desk set-up like they would at the office are having an impact on how people operate.
Meanwhile, some employees say they’re being forced to cut security corners because they’re under pressure to get work done quickly.
Half of those surveyed said they’ve had to find workarounds for security policies in order to efficiently do the work they’re required to do – suggesting that in some cases, security policies are too much of a barrier for employees working from home to adapt to.
However, by adopting workarounds employees could be putting their organisation at risk from cyber attacks, especially as hackers increasingly turn their attention to remote workers.
“People will cut corners on security best practices when working remotely and find workarounds if security policies disrupt their productivity in these new working conditions,” said Tim Salder, CEO of Tessian.
“But, all it takes is one misdirected email, incorrectly stored data file, or weak password, before a business faces a severe data breach that results in the wrath of regulations and financial turmoil”.
SEE: Cybersecurity: Let’s get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)
While the surge remote working is bringing additional challenges for both employees and employers, there a number of simple steps which can be taken to boost security without impeding productivity. One of these is employing multi-factor authentication, providing an extra barrier to defence that helps stop cyber criminals gaining access to accounts – and potentially corporate data.
The UK’s National Cyber Security Centre (NCSC) has previously shared security tips for working from home.
READ MORE ON CYBERSECURITY
