A recent survey from security firm CyberArk revealed how cyber habits of remote workforce is compromising business systems and making sensitive data vulnerable to attacks. It stated that the surge in remote work brought a new wave of security concerns.
The survey “How Cyber Habits at Home Threaten Corporate Network Security” revealed that work from home employees threaten corporate security. Nearly 93% of them admitted they reuse passwords and 29% allowed other family members to use their company-issued devices for personal activities like schoolwork, shopping and gaming. It is found that 77% of remote employees are using unmanaged, insecure BYOD (Bring Your Own Devices) to access corporate systems.
While 37% said they insecurely save passwords in browsers on their corporate devices, 66% of employees stated that they are using third-party communication tools like Zoom and Microsoft Teams while working at home. The survey also highlighted that 94% of IT and security teams are confident in their ability to secure the new remote workforce, however, 40% have not increased their security protocols despite the significant change in the way employees connect to corporate systems and the addition of new productivity applications.
The study surveyed 3,000 remote workers and security decision makers across the U.S., U.K., France, and Germany, and is intended to determine the current scenario of cybersecurity during the ongoing COVID-19 crisis.
“The rush to onboard new applications and services that enable remote work combined with insecure connections and dangerous security practices of employees has significantly widened the attack surface and security strategies need to be updated to match this new dynamic threat landscape. This is especially true when it comes to securing privileged credentials of remote workers, which if compromised could open the door to an organization’s most critical systems and resources,” the report said.
Marianne Budnik, CMO of CyberArk, said, “The security posture of organizations continues to be tested as many remote employees face daunting challenges balancing productivity and security across their professional and personal workspaces. As more organizations extend work-from-home policies for the long term, it’s important to capture lessons learned from the initial phases of remote work and shape future cybersecurity strategies that don’t require employees to make tradeoffs that could put their company at risk.”
Remote Workers Lack Cybersecurity Training
A similar research from cybersecurity firm Promon found that 66% of remote workers in the U.K. haven’t been trained on cybersecurity in the past 12 months, whereas 77% said that they aren’t worried about the security while working remotely. Around 61% said they are using personal devices while working from home. This is adding further security concerns as many of these are likely to be less secure than corporate-issued ones. Cybercriminals are exploiting the current working conditions by carrying out COVID-19-related phishing campaigns and other malicious activities. The findings are based on the responses from 2,000 remote workers in the U.K.