Two Thirds Of Organizations Suffer Breaches Due To WFH

Uploaded on 2023-06-13 in TECHNOLOGY--Resilience, FREE TO VIEW

The remote workplace is now popular across the world thanks to the rapid response to the covid pandemic. While many companies will have now been operating a remote or hybrid structure, a recent survey by security company Fortinet reveals that the remote workplace poses a significant security threat.

The 2022 annual report from the Internet Crime Complaint Center (IC3) shows that data breaches cost the US over $450m, a growth of 148% since 2020.

This demonstrates that, though employers are continuing to offer more flexible working options for their employees, they aren’t committing to keeping their networks secure.

Remote or hybrid workplaces offer unique challenges to data security and some companies may still be encountering new issues even two years into the process. However, the cost of insecure networks and lax document security is too high to not take every step possible to prevent breaches.

WFH Security Issues & The Procedure To Manage Them

Working from home of course means using your home WiFi network, which is undoubtedly more vulnerable than networks set up for business use. The security of an employee’s home network is also difficult and sometimes expensive to assess, meaning many companies will not be able to afford to do it or don’t have the infrastructure in place to do so.

There is technology available to assess personal WiFi systems but this is most likely unaffordable for most small businesses. Therefore, other steps need to be taken to ensure your staff know how to set up their own security. This could include guides on reviewing firewalls, the option to add antivirus software and providing IP addresses to your security team.

Additionally, some small businesses that began remote working in 2020 and have continued the policy may not have been able to offer devices to everyone working from home and are now experiencing issues with security because of this. Even with devices provided by the company, asset management poses a threat to security, particularly when employees leave the business or travel frequently.

Similar to the previous point, you may need to offer your staff security options to keep devices safe. It’s also important to ensure all staff have a strong awareness of their role in maintaining security in their work through regular training. Human error is always the most significant vulnerability and network issues only compound this challenge.

Not only do virtual documents pose challenges, but there are also security issues whenever employees need to use physical documents when working from home. As different kinds of data need to be disposed of in different ways to ensure security compliance, this is not always possible in a home office environment.

For any employees handling physical documents, training must be provided and regularly refreshed on how and when to properly dispose of data. You may also need to purchase equipment like a compliant shredder for your employees’ home offices. This will be necessary if your team works remotely often but may not always be affordable.

Ultimately, if these challenges are too expensive or difficult to manage, you may need to reassess your working-from-home policy. This could mean that some employees need to be in the office more than others or that remote working isn’t a possibility for your staff. Though many companies are working on a hybrid model, the level of insecurity this causes could be too much to risk for your company.

How The Remote Workplace Has Made Data Security Even More Essential

The Fortinet survey also found that most organizations haven’t mitigated the risks related to home working in the two years since the practice has become more commonplace. Since the data shows that the cost of data breaches has more than doubled in this same period, this highlights how essential security measures are.

Whether it’s virtual or physical data, every business needs to ensure they have thorough policies, the right technology and a competent awareness from all staff on how they can protect the boundaries of your organization from breaches.

Kyle Mitchell is Commercial Sales Director at Whitaker Brothers

You Might Also Read 

Retrofixing The Remote Workforce:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Manchester University Hacked
Meta Is Building A Rival To Twitter  »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Security Weekly

Security Weekly

Security Weekly provides free content within the subject areas of IT security news, vulnerabilities, hacking, and research.

AirCUVE

AirCUVE

AirCUVE provide authentication and access control solutions for networks and mobile security.

Cyber Triage

Cyber Triage

Cyber Triage is an automated incident response software any company can use to investigate their network alerts.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

Visual Guard

Visual Guard

Visual Guard is a modular solution covering most application security requirements, from application-level security systems to Corporate Identity and Access Management Solutions.

Prove & Run

Prove & Run

Prove & Run provides a patented software development toolchain that is specifically forged to deal with the complex security properties of sensitive software components.

Digital Arts

Digital Arts

Digital Arts provides internet security software and appliance products for companies and individuals.

Gulf Computer Services Co (GCSC)

Gulf Computer Services Co (GCSC)

Gulf Computer Services is a major player in the field of networking & Communication solutions for emerging industries such as Internet Services and Information Technology in Saudi Arabia.

NetSecurity

NetSecurity

NetSecurity is a Brazilian company specializing in Information Security. We provide Managed Security Services (MSS), network security solutions and other specialist services.

Blu Venture Investors (BVI)

Blu Venture Investors (BVI)

Blu Venture Investors is a venture capital firm that supports early stage companies with a focus on technology in diverse domains including cybersecurity, IoT, defense and homeland security.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

CMMC COE is an IT-AAC sponsored public–private partnership that will be the focal point for entities seeking to achieve Cybersecurity Maturity Model Certification.

Moro Hub

Moro Hub

Moro Hub, a subsidiary of Digital DEWA, is a UAE-based digital data hub focused on digital transformation and operational services.

Lansweeper

Lansweeper

Lansweeper is an IT Asset Management platform provider helping businesses better understand, manage and protect their IT devices and network.

Supra ITS

Supra ITS

Supra ITS is a leading full-service technology partner offering IT Consulting, Cloud Services, 24x7 Managed IT & Cybersecurity Services, and IT Project Support.

SafeShark

SafeShark

SafeShark are Product Security and Telecommunications Infrastructure (PTSI) Act and Radio Equipment Directive (RED) compliance specialists.