Research from digital security software companies, has found that almost a third of employees (31%) in the UK of a Small and Medium business (SMBs) are connecting to the corporate network using personal devices that have no security measures in place. This could pose a list of threats to these businesses, here’s why.
The rise in working from home on the heels of the pandemic has seen SMB managers needing to make drastic changes to adapt to the change in cultural working behaviours, which means providing their colleagues with efficient and suitable technology to work outside of the office. This is no easy task and among IT decision makers, many are failing to provide employees with their own dedicated work computers, with some even encouraging employees at home to use personal devices due to difficulties in supplying company hardware. This could prove to be a danger for these companies as private and confidential data is at risk of being leaked and stolen through unsecure browsers and networks.
Poor cybersecurity risks for employees
Working from home can enable employees to pick up bad habits and put their company’s data at risk. Some of these include:
- Accessing sensitive data through unsafe Wi-Fi networks
Employees working remotely could be connecting to their home wireless network or handling sensitive data and accessing accounts using unsecured public Wi-Fi. This is where the risk arises as malicious cybercriminals nearby are enabled to easily spy on and harvest confidential information.
- Using personal devices for work
There’s a high chance that many employees see no harm in transferring files between work and personal devices for convenience. However, if the employee leaves the company, they will be holding on to confidential information that has been stored on their device.
- Using weak passwords
Cybercriminals are well aware of human error and will be quick to exploit it. Hackers can pull together lists of frequently used passwords and use them to access poorly protected accounts.
- Unencrypted file sharing
Employees store and share private information all day, every day and companies cannot afford to have this information stolen. Encrypting and protecting data is crucial as sensitive company information being intercepted can lead to identity fraud, ransomware, cyberattacks, theft and more.
Risk for companies
Employees could be unknowingly putting their company at risk by working from home without adequate security controls. Poor cyber security and lack of training can result in:
- Email scams
One of the biggest threats to a network’s security is threat actors gaining access to private information and without proper training and support, employees could be opening the door to them by interacting with phishing emails. These emails have become more sophisticated over the years and it’s becoming harder to determine authenticity without extensive training on the matter.
- Security controls are weaker
Multiple existing layers of cyber protection will not apply to remote employees. Replacing the office network with home Wi-Fi means devices are unprotected and exposed to possible unsecured networks.
- Threats all around
When it comes to remote work, security risks are everywhere. Unfortunately, the lack of monitoring and control which comes with remote work appears to be a blessing for cybercriminals, as sensitive information is simply easier to steal from a person’s home. Educating employees and ensuring your company and all its devices are secure and protected are the only ways to tackle cybercrime.
If you are worried about cyber criminals impacting your business contact us today.