Is remote working putting business security at risk?

23rd November 2020
Alex Lynn

Are you mixing work and play by shopping online, checking personal email or paying bills on a device you use for work? You are not the only one. As the lines between personal and work lives are more blurred than ever, most Brits are breaking the first rule of cyber security and might be putting business security at risk, according to a new global study by SailPoint.  

As pressures of juggling work, home schooling and staying connected with friends and family mount, it is easy to prioritise convenience over security. As a result, nearly one in ten (9%) of work computers are being used by Brits for many of their personal needs. 

With most office workers using their work devices for up to 13 hours a day, it’s easy to see why many of us choose to use one device for personal and professional use, as we increasingly feel the need to be connected and respond to emails and messages without delay. 

The most common personal activities UK employees with a work device use that device for are:  

  • Check personal email (64%) 
  • Do online shopping (60%) 
  • Check the news (46%)  
  • Go on social media (38%) 

This level of activity significantly increases the risk of hacking. It only takes one reused password or unsafe connection to hand hackers a VIP access card into your digital world – and your employer’s.  

Sharing isn’t caring 

Many of us have numerous logins to access work devices, platforms, shared files, etc., but as many as 24% of Brits have shared work passwords with a partner or family member. This increases the risk of passwords falling into the wrong hands, opening up the doors to sensitive business information. This is especially true as we tend to share multiple passwords across work and personal accounts. Once a hacker figures out at least one, they may have the master keycard that enables entry into the victim’s personal life as well as their employer’s.  

The global study also found that we are using a multitude of devices to get our work done remotely, creating a massive headache for IT departments everywhere. 

Since the start of the pandemic,  

  • Over half (54%) of Brits used their employer’s computer / laptop for work,  
  • A quarter (25%) have been using their personal computers, and  
  • 11% borrowed computers from family members of partners to work.  

This can cause problems if you’ve logged into work documents, accessed client information and saved the details via a password manager. It’s so easy to click the button when prompted to “save password in keychain” for your online shopping and social media accounts. Potentially, anyone with access to the device has access to your logins. A worry for bosses as our own laptops may not have the latest security protection in place.  

This would be OK if we changed our passwords regularly. But we don’t. Humans are the first line of defense to online attackers and one of the simplest things we can do is choose a secure password and change it regularly. But only 20% of Brits have changed work passwords within the last month. 43% haven’t changed their passwords in over six months. Staggeringly, some of us aren’t actually authorised to do so (9%) or the computer isn’t password protected in the first place (4%). These are some of the most basic steps people and businesses can take to keeping cyber thieves at bay.   

Gone phishing 

As the number of hours we spend online has sharply increased, so has the number of phishing attacks. Scammers have taken full advantage of our increased reliance on remote technologies for work, including use of personal mobile phones for work matters and work devices for things like online shopping. For example: 

  • Nearly half of Brits (48%) have been inundated by phishing attacks over the past six months.
  • Seven percent said they are being targeted at least once a week. 

It’s not just via email, it’s through texts to our personal phones and calls to our work numbers, among other things. The sheer volume of online messages we are receiving and sending on a daily basis, coupled with the blur between work and home life, can expose us to these threats. Will you notice a misspelled link in an email? Or opt to re-set your account details on one of the popular ecommerce sites?  

Who’s in your cyber bubble? 

SailPoint is calling on employees and businesses to think about the composition of their respective cyber bubbles, not just their family and friend bubbles. Every time we surf the web using an unsecure WiFi connection, we risk coming too close to malicious cybercriminals for comfort.  

Over a third (41%) of us use unsecure public WiFi when working, and 44% use unsecure connections when surfing the web for personal needs, creating a large cyber bubble comprised of complete strangers. Generation Z and the tail end of millennials (those aged 18-24) are much more carefree about their digital safety, with over a third (39%) admitting to sharing their passwords and compromising their cyber bubbles in other ways. 

Stephen Bradford, SVP EMEA at SailPoint, said: “The current level of cyber hygiene is quite worrying. We’d never think of leaving our house door unlocked or inviting a stranger in in for a cup of tea. Why do we treat our digital workspaces, both personal and professional, any differently? By easily giving away passwords or inadvertently inviting malicious actors in through unsecure WiFi connections, we are exposing ourselves to serious risk. 

“Each of us must ask ourselves, ‘who am I in contact with and how far can my passwords spread?’ Businesses need to get a grip on the issue now before it spreads by stepping up their cybersecurity defenses and training for staff. As the pressures of work and personal lives in the pandemic test our ability to multitask, existing cybersecurity training and processes typically aren’t enough.  

“Innovative, predictive AI-enabled identity security technology is key to protecting people from making human errors, potentially leading to increased risk of cyberattacks and data leaks. If we aren’t careful, we could be facing a security crisis in the digital world.” 

Product Spotlight

Upcoming Events

View all events
Latest global electronics news
© Copyright 2024 Electronic Specifier