The risks of remote working and cyber security
Remote working is no longer an option that only ‘hip’ start-ups can sell as a perk of working or a ‘business on the edge of innovation’. Working outside the office is fast becoming the norm regardless of the business sector or size – if indeed it isn’t already!
In 2017, conference line provider powwownow set out to discover what the flexible working landscape looked like in the UK. It’s survey Flexible Working Survey 2017, reported that 58% of the workers they questioned were offered flexible working, and well over half believe working outside the office could improve both productivity and motivation. From the perspective of attracting the right talent and getting the most from the workforce, remote working appears to be a no-brainer.
But there are risks to remote working, and cyber security challenges that businesses must overcome in light of increasing data security regulations and wannabe hackers. This is a massive potential downside because allowing employees to work remotely can significantly increase a company’s security vulnerability.
Not only are the majority of employees completely unaware of the risks associated with using public Wi-Fi services, but many opt to use their own equipment, some are even encouraged to do so. Yet how many companies actually enforce rigorous remote working and cyber security policies and technologies to protect vital business information stored on the employees’ own equipment?
The ability to work remotely is without question a huge benefit to any business – especially for management and sales staff who tend to travel extensively. But routinely accessing, sharing and working on sensitive company data while hooked up to the public Wi-Fi at the airport, train station or nearest coffee shop is one of the biggest security risks of modern business.
Fake Wi-Fi hotspots are everywhere, especially at densely populated, transient locations trade shows are another prime example. While many public Wi-Fi networks require a Protected Access 2 (WPA2) code, not only is this password generally available to anyone who asks, but even mildly skilled criminals can leverage software to intercept information via public networks.
Have you been compromised?
Sharing any sensitive company information unencrypted exposes the business to data compromise. If a junior sales person browsing the company CRM prior to a customer visit comes under attack, customer data is exposed and the company will be immediately opened up to a GDPR violation.
At the other end of the scale, a CEO’s mobile could automatically connect o public Wi-Fi whilst walking through a train station on the way to a meeting – within moments, emails have been accessed and a request has been sent to the finance department ordering a payment to be made.
Time to reconsider data security
Clearly employees at every level need to be made aware of the escalating risks associated with uncontrolled remote working and cyber security. But they also need to be supported by the deployment of a robust security posture. If employees are using their own devices, at the very least they must be protected by company issued Anti-Virus and online encryption software. Furthermore, the adoption of cloud based systems from any remote location should only be enabled via trusted two factor authentication and online encryption.
If organisations are to continue to gain the benefits of remote working without exposure to unacceptable risk, it is essential to reconsider how to keep sensitive information secure.
To find out more about how remote working can put your business at risk, download our eBook “Employees: The biggest cyber security threat to businesses“