Showcasing the Best of Welsh Business

DEFAULT GROUP

The Biggest Cyber-Security Concerns of Remote Working

SHARE
,

Last month there were over 300,000 Google searches relating to cyber-security. It’s a hot topic that is ever-present in the news, particularly during lockdown where countless businesses have had no choice but to trust their staff to maintain secure standards outside of company walls.

To find out what businesses say the biggest cyber-security concerns of remote working are, security experts at Specops Software surveyed 100 senior staff from 14 different sectors:

  1. Medical and Health
  2. Computer and IT
  3. Education and Training
  4. Customer Service
  5. Travel and Hospitality
  6. Sales
  7. Recruitment and HR
  8. Marketing, Advertising and PR
  9. Charity and Voluntary Work
  10. Media and Internet
  11. Business, Consulting and Management
  12. Creative Arts and Design
  13. Accountancy, Banking and Finance
  14. Law

Respondents from each sector were asked to select ONE of the following factors as their biggest cyber-security concern:

  1. Reduced password and passcode security
  2. Tracking and managing assets
  3. Inadequate backup and recovery
  4. GDPR compliance
  5. Getting workers to follow protocols
  6. Third party access to video/webinar

The Results

Reduced Password and Passcode Security

The sectors that chose ‘reduced password and passcode security’ as their biggest cyber-security concern:

• Computer and IT
• Travel and Hospitality
• Charity and Voluntary Work
• Media and Internet

Many remote workers will be forced to use personal devices and networks during the lockdown, which often lack the tools built in to business networks – such as antivirus software, customised firewalls and automatic backup – increasing the risk of personal and work-related content being leaked/hacked.

Of the 400 senior staff from these sectors surveyed, 76% noted password attacks as a particular worry as passwords and passcodes on personal devices tend to be weaker.

Worryingly, since COVID-19, Specops Software have noted an increase in phishing, malware and password spraying, which gives senior staff due reason to be concerned.

Inadequate Backup and Recovery

The next most common cyber-security concern is ‘inadequate backup and recovery.’

The sectors that chose ‘inadequate backup and recovery’ as their biggest cyber-security concern:

• Medical and Health
• Education and Training
• Creative Arts and Design

With recent headlines like ‘Coronavirus: Cyber criminals threaten to hold hospitals ransom’, it’s no wonder sectors like Medical and Health are worried about protecting sensitive data.

Getting Workers to Follow Protocols

The sectors that chose ‘getting workers to follow protocols’ as their biggest cyber-security concern:

• Customer Service
• Business, Consulting and Management

To avoid a clash in communication, businesses will need to ensure they have a coherent cyber-security policy in place and workers should have a clear understanding of this before remote work takes place. According to Raconteur, a cyber-security policy should include remote-working access management, the use of personal devices, and updated data privacy considerations for employee access to documents and other information.

Tracking and Managing Assets

The sectors that chose ‘tracking and managing assets’ as their biggest cyber-security concern:

• Accountancy, Banking and Finance
• Law

If an asset is not being used efficiently, companies will need to implement an action plan or explore options on how to make it efficient/less resource intensive as possible – or risk losing revenue. Which is why it is understandable that fields such as Accountancy, Banking and Finance are most concerned by a block in tracking and managing assets when it comes to remote working.

Third Party Access to Video/Webinar

The sectors that chose ‘third party access to video/webinar’ as their biggest cyber-security concern:

• Recruitment and HR
• Marketing, Advertising and PR

Mashable recently reported ‘Stolen Zoom passwords and meeting IDs are already being shared on the dark web’, so is it any wonder fields that rely heavily on video communication in the current COVID-19 climate are concerned? See more on how to protect passwords in the comment from Darren James below.

GDPR Compliance

Interestingly, only the Sales sector chose ‘GDPR compliance’ as the biggest cyber-security concern.

With reduced security being the number one concern covered in this release, Darren James, Product Specialist and Security Expert at Specops Software, commented:

“We’ve already seen that the COVID-19 pandemic has been used as another vector of attack especially around phishing attacks. This makes it more important than ever that a “unique” password, or even better a passphrase, and where possible 2FA or MFA, should be used. Anyone working from home that is known to be using a compromised password should be encouraged (enforced) to change it as soon as possible.

Users also face genuine problems with password expiry and notification of password expiry (especially with their corporate AD accounts), the native tools don’t really give the admin a lot of options, so a user’s risk of being locked out of their accounts for an extended period of time is much greater than in the past.

Finally, organisations need to make sure that they have a robust leavers policy and process in place. If someone does leave the organisation then their access must be removed in a timely manner, and any company devices that they may have should be securely wiped. The BYOD scenario brings a lot of challenges to this subject in particular, e.g. global wipe vs selective wipes.”

Business News Wales