While there’s clear evidence today of the many benefits of allowing your team to work from home, those benefits come at a heightened risk to your network and data. Remote work can present a unique challenge because work-from-home environments usually don’t have the same level of cyber security found within your office.
Here are six of the top cyber security risks you should be cautious of when implementing a work-from-home team.
1. Public Wi-Fi
From Starbucks to libraries to doctors’ waiting rooms, public Wi-Fi seems to be just about everywhere nowadays. While it’s convenient to just hop on a public Wi-Fi, it poses significant security risks to your network. First, other people have access to that same network, and without a firewall between you and them, there’s potential for someone nearby to access the same data that you can. Second, any interested observers on your current network or the public networks can monitor your traffic since it’s not encrypted.
2. Personal Computers and Devices
When your staff is working from home, it may be more convenient for them to use their home PC or devices to run reports, send e-mails, or even access your network.
You and your IT team have probably gone to great lengths to ensure your work computers have the latest updates installed, run antivirus scans and block malicious sites. However, most business owners and IT staff rarely follow the same security procedures for personal computers and devices, such as ensuring the work device has the Windows firewall enabled to protect it from other home computers and Internet of Things (IoT) devices. Essentially, by introducing a personal computer to a work network, even remotely, you’re putting the company network and your business at unnecessary risk. Even beyond the risk to your data is the potential liability and financial risk through violations of policy, practices, or both.
3. Risk of Theft
While you know there’s a threat of cybercriminals hacking your network and stealing your data, you probably rarely think about someone stealing the computers in your office. However, because laptops and tablets are portable and much easier to steal, there is a greater chance of theft.
Advise your employees to never leave their work computers or devices in a vehicle or unattended in a restaurant. It only takes a few seconds for someone to break into your car or even the trunk and take a laptop. While on the road, it’s smarter to always keep your laptop with you. A stolen laptop Is not as simple a task as replacing a computer; it can also be a productivity and records recovery nightmare. The worst-case scenario? The thief is actually a hacker who is after the personal data and passwords left on the laptop!
4. Flash Drives
Your IT team goes to such great lengths to keep your network safe. And it can all be brought down by a cheap little thumb drive or flash drive. Most families have several of these portable drives in random desk drawers and kids’ rooms. If an employee picks up a random thumb drive, it’s like playing Russian roulette – will it contain malware or not?
A classic hacking technique is to drop off several thumb drives at an office or public location. Most people will appreciate the free drive and take it home for future use. By doing so, they could possibly unleash a virus or malware onto the computer and possibly even your network! In a study presented at a hacker conference, a Google researcher dropped off 297 USB drives in hallways, parking lots and outdoor areas on the University of Illinois’s Urbana-Champaign campus. Inside the drives was special software that would allow them to immediately “call home” when plugged in. Of the 297 USB drives, 98% were picked up and 45% were plugged in and called home!
Bottom line: never use a flash drive if you don’t know what’s on it and who gave it to you.
5. Sending Sensitive Information Via E-mail
Your remote employees won’t think twice about sending e-mails either from their work computer or their personal laptop. However, when you’re sending sensitive data, such as financial information, passwords or proprietary product information, there’s always a chance it could be intercepted by a third party.
Encrypting the data attached to an e-mail prevents an unintended recipient from intercepting and viewing the data. Also, be sure your device is set to have all stored data encrypted in case of theft.
6. People Are Watching
You’ve already been warned about using public Wi-Fi There’s another risk if you’re in a public place doing work. It’s other people. If you’re in a coffee shop, you should always be aware of your sight lines. Anyone behind you can see everything you’re typing. Cybercriminals have strong observational skills to easily watch what you are doing and steal confidential information.
In my book, I go into details on how to keep your employees and your company secure no matter where, when or on what device they work. Get your copy here: https://www.hodgsonconsulting.com/underattack/