Remote work may have been good for you, but was it good for your company?

While many of us found it comfy and cozy to be at home, watch our favorite Netflix shows, and get our work done side-by-side on our laptops during the pandemic, hackers sought this as the best opportunity for a data breach! The rushed response to COVID-19 by many companies had made them neglect the need for increased cyber-security measures for remote workers. 

The average cost of a data breach in 2020 for the US alone, is $8.64 million! Now, I’ll leave it to your imagination to guess the worldwide estimate.

In April 2020, more than half a million account credentials, usernames, and passwords were sold on the dark web for less than a penny due to a data breach of one of the top-grossing VOIP apps, Zoom! Curious on how cybercriminals managed to infiltrate the ‘Pandemics Social Network’, then check out this article on ‘Zoom gets Stuffed’!

What security challenges do remote workers face?

To ensure the safety of their employees, most companies quickly shifted 81% to 100% of their employees to remote working. But what they failed to provide for their employees were the following 3 services:

Inadequate Backup and Recovery Systems

As most employees need to use their own devices for work, they may not have access to adequate backup/recovery systems. But this is a factor companies tend to neglect regardless of whether their employees work remotely or not. 

Secured Access to Company Networks 

The very motive behind WFH or remote work is to provide employees the leverage of being able to work at any place, any time. But when employees try to access company networks using public Wi-Fi at popular locations like coffee shops, malls, and airports, they are making themselves an easy target for hackers. Thus, putting the company’s data well at risk.

This threat can easily be prevented if companies provide their remote workforce with a secure VPN, SSL, or TLS connection, and ensure that their employees use Multi-Factor Authentication for accessing the company networks. 

Well, if you’re wondering how hackers use public Wi-Fi to steal your information and more, check out this blog by Norton Security on ‘Why Hackers Love Public Wi-Fi’!

Essential Office Equipment

Using a single laptop both for work and personal use can put your company’s data at risk. Think about it! When an employee browses various social media sites, answers personal e-mail, or shops online, there are chances that he/she could have accessed a fake or unsecure website, or viewed spam e-mail, causing the laptop to get infected with a virus or malware.

But more than anything, companies fail to train their employees on proper cybersecurity practices. Just imagine! If companies ensured that their employees were always updated about the potential security vulnerabilities and how to avoid them, at least half the data breaches wouldn’t have taken place this year!

What steps should employers take to decrease cyberattacks?

But, it’s not too late. If employers start implementing the following 5 measures, they can be certain that their company’s data is out of harm’s way:

1. Develop strong remote security policies
2. Install a permanent WFH model for employees
3. Host more cybersecurity training for WFH employees
4. Deploy antivirus solutions that can handle a remote workforce
5. Develop online privacy reviews for new software

Why don’t companies invest in Cybersecurity?

I think by now it’s a well known global fact that, sadly, most companies don’t invest in cybersecurity, and this issue existed well before the pandemic. 

• Many employers feel that building barriers and encrypting data makes it cumbersome for their employees to access company networks.
• Setting up strong Information Security services can be expensive. Further, since most of the costs of cybercrimes are distributed across insurers, banks, and customers, companies technically don’t experience a huge loss. It’s the other victims who do so.

While the above reasons may seem either unreasonable or unethical, employers, however; certainly don’t feel that way. But what do you think? Should companies invest in Information Security or not? Who’s side would you take?