Security in a remote workforce: Your staff are working remotely, but are they working securely?

This last year has been extremely challenging for us all as we adapt to the new normal of remote working. And, whilst we adjust to these new ways of working, there are many security and IT professionals busy in the background ensuring that we are using our equipment within the safest possible way, whether that be from an office, dining room or kitchen table.

With very little notice, many UK businesses were required to support employees to work from home wherever this was possible. For many, entire workforces had only previously worked from their offices but, quickly, businesses made the necessary adjustments, often investing in new kit and new processes to make this possible. And, whilst many have now been remote working successfully for the last year, having overcome the initial challenges of migrating users to this new normal, there remain some gaps in their network security.

In a recent survey conducted by our technology partner Censornet, of 300 UK cyber security professionals 91% stated they were confident that their cloud security solutions offered the necessary protection to staff working remotely, but that employees risky behaviour shows a disconnect between the perception of how well protected an organisation is when employees are working remotely, and the realities of today’s remote working culture.

Home working has resulted in a shift to more flexible working in many organisations, which has been further stretched with school closures and the need to include school work within the working day. This very sudden shift has blurred the line between work and personal activities, with many using their employers IT kit for ease or vice versa.

Within the Censornet study, it was found that 67% of respondents had engaged in personal online activities such as accessing Netflix or Amazon Prime Video and a further 21% reported that employees had accessed adult sites. However, the concern does not end there, as dangerous content can be accessed and shared via a multitude of online platforms so it is no surprise that ‘not safe for work’ content (NSFW) is becoming a worry for those working in IT security and senior members of organisations. 

Such unauthorised usage poses as a real concern to organisations in the UK, who under UK legislation, are liable for the acts of their employees. This can result in the Directors of your organisation being sanctioned for the unauthorised access to illegal content from a company device.

In addition, with the surge in ‘less informed’ remote users and relaxed culture around using company devices for personal use, an increase in stolen credentials and Account Takeover (ATO) attacks does not come as a surprise. With the majority of such attacks originating from weak or stolen details, it is essential that organisations look beyond passwords to secure their networks.

Staff play a huge part in keeping your organisation safe, but as they work from remote locations, they are also unpredictable and a difficult risk to protect against. Aside from accessing unauthorised content online, individuals working for the company on their own devices are also finding their own ways to do their jobs. This includes downloading unauthorised apps that would otherwise have been locked down by internal policies, and sharing with colleagues. Such behaviour was identified by 26% of respondents, who found that using the Cloud to share unauthorised document links was the third most risky remote working behaviour within their organisations.

In 2020, around 80% of businesses made the rapid transformation to remote working. New tools and kit were deployed to enable workers to continue to do their jobs from home. Many did so with success, but fast forward to 2021, many of the same organisations are now able to recognise that the speed in which this migration was made has resulted in unforeseen gaps in their IT security and remote IT support. With the new normal looking to become a more common, longer- term working arrangement for many UK businesses, it is now more important than ever to ensure that these gaps are identified, remedied and that more permanent security strategies are deployed.

So getting the right remote IT support and IT security is vital as we look ahead to a more permanent remote working structure for many businesses.

Get a free security audit from the experts at ITRM to ensure that your employees are connected and secure in their new working environment. Contact a member of our team today.

Read about top tips on improving your security within our ‘security in a remote workforce’ blog series.