Employee education has been singled out as one of the biggest cybersecurity weaknesses for organizations during the COVID-19 lockdown. According to a Twitter poll by Apricorn, a manufacturer of computer storage products, nearly 30% of employees admit to using unencrypted devices. More than 30% of respondents also singled out employee education as the biggest area where companies needed to make changes to improve their cybersecurity posture.
Other Areas of Weakness include:
- Updates to hardware (29%)
- Endpoint control (21%)
- Enforcing encryption (19%)
Kurt Markley, Director of Sales at Apricorn, commented, “Employees have a critical role to play in their organization’s cybersecurity processes, from recognizing the tools required, through to the policies in place to protect sensitive data. Whether it be through the delivery of awareness programs or ongoing training, establishing a culture of security within the workforce is essential. He continued:
“Endpoint security is critical, and deploying removable storage devices with built-in hardware encryption, for example, will ensure all data can be stored or moved around safely offline. Even if the device is lost or stolen, the information will be unintelligible to anyone not authorized to access it.”
Is Your Endpoint Device Secure? Take our Endpoint Security Survey and win exciting goodies. Don’t miss out! Take Survey Now!
Several respondents also highlighted that they weren’t fully prepared to work at home securely and productively, where nearly 18% of respondents felt they didn’t have the right tools and technology while 16% admitting being completely ignorant of it.
Markley highlighted that COVID-19 may have bettered productivity among employees, while without the right tools and technology, these can easily backfire. He also highlighted that with more than 60% of employees planning to work remotely, the threat landscape may continue to widen.
According to Jon Fielding, Managing Director, EMEA at Apricorn, “IT and security teams had to scramble to respond to this crisis and in doing so, left a lot of companies wide open to breach. Nine months into employees working remotely, some know already that they have been attacked. Others think they may have been but can’t be sure. In the same way that we had to learn how to protect ourselves from illness and modify our behavior, we had to also learn how to protect our data outside of the firewall and more importantly, to remain vigilant about it.”