Top 3 Security Threats Related to a Remote Workforce
With so many businesses still having a distributed workforce, it is important to prioritize computer and network security. While there are various security threats associated with employees working remotely, today, I will be focusing on the top 3 threats that you should be aware of and address to ensure that your employees and business are secure.
One of the main security risks of a remote workforce is the possibility of unsecured home networks. Did you know that according to PC Magazine, in a study of 2000 US residents, 23% of people reported that they are using default credentials on their router/modem, and 11% were not even sure of what their credentials are? That is very concerning with the number of cyber threats that are out there. Most home networks are set up by a local ISP and use a modem/router to provide WiFi. These home networks are often set up by a technician whose focus is function, but not necessarily security. Therefore, your network traffic may be open for anyone to snoop on without your knowledge. The best way to protect that data is to encrypt all non-public information you and your company send over the wire. This would require the use of a VPN (virtual private network). With the proper configuration of a VPN, your data will be encrypted in transit and unreadable to those who may be listening. To make sure you have a secure home connection, you will want to make sure that:
- You have encryption set up with a VPN to protect corporate data.
- Your WiFi has a secure password associated with it.
- Default credentials on all network devices are changed.
These three steps go a long way to ensure you have a secure home connection better defended from hackers with malicious intent.
Personal Computer Equipment
When the rapid shift to remote work took place last year, many employees started using their home PC to access company data and perform their business functions. While it is crucial to ensure that the devices in an environment that allow data to flow through the network are locked down, the machine that holds all your data- the PC, will be a hacker’s biggest target. According to Forbes.com, in a recent study, “56% of people were unable to bring equipment from their employer to work from home” and “a third admit to personally purchasing equipment to help them work remotely during COVID-19.” That is an extremely high number of personal devices, considering how many people are still working remotely. Furthermore, home PCs are often shared with children or significant others, further increasing your cyber risk. It is vital to your company’s security that remote employees use company-managed PCs or laptops. It takes the management out of the users’ hands and provides a higher level of security while handling the company’s data.
Cell phones and mobile devices are another component that need security when being used for company email and accessing files. Make sure your infrastructure management includes a plan for keeping these devices protected.
According to bleepingcomputer.com, “based on a sample size of 163 million computers, 55% of all programs installed on personal computers running Windows are outdated.” Whether it is a firmware update for your hardware or a software update for your line-of-business application, this is something that the typical end-user often does not take the time to do. What can you do about it? Turn on automatic updates. This can go a long way in ensuring that updates are installed, and personal devices remain secure. While many of the software companies’ releases may be feature updates, you will also get vital security updates that help prevent exploitation of vulnerabilities in the system. This brings me back to having company-provided hardware. When your company provides and manages home devices, your IT department can manage, audit and ensure that updates are promptly and correctly installed, which will go a long way in protecting your company’s data. Keep your devices up to date!
These are just a few of the security risks associated with a remote workforce. Unfortunately, there are many more threats to consider as malicious actors continuously search for opportunities to access your company’s data. It is essential to keep security top of mind and continue strengthening your security posture. There are many resources out there that can help you evaluate your current environment and provide recommendations for improving your security standards. We at Kite Technology can be that resource and can help you identify vulnerabilities and provide the tools, like cloud solutions, you need to eliminate them. Contact us today to learn more.