Recently, I have seen many more discussions about cybersecurity breaches. Could this be down to many more people working from home? Or is expected due to the increase of technology in our day-to-day lives? Or both?
This Forbes article from 2018 – https://www.forbes.com/sites/sallypercy/2018/11/27/the-top-three-business-priorities-for-leaders-over-the-next-three-years/?sh=26358f834ec9 – said that companies would be making cybersecurity and big data one of its main priorities, specifically connected to GDPR. There has been a huge pressure on companies to ensure the use of GDPR in recent years, however, there are still ongoing cyberattacks through companies having insecure data.
Insecure data in companies could easily be locked down, but this is when it gets tricky, as the more secure you are, the more difficult it becomes for even your own teams to access data, therefore, putting productivity at risk.
However, a study by the CIPD from December 2020/January 2021 finds “33 per cent of employers were more likely to say that working from home had improved productivity (compared with 28 per cent in June 2020), while 23 per cent of employers were less likely to say that homeworking had decreased productivity (down from 28 per cent in June 2020).”* It’s also been advised that flexible working should be more of an option in the future because of this.
I spoke to Artech House Series Editor, Rolf Oppliger, about this:
SN: Do you think more people working at home for their companies leaves room for more cybersecurity issues?
RO: Yes, I think that cybersecurity issues have increased with the promotion of people working at home. If they are using a VPN, preferably with force tunneling, then the situation may be comparable to their working place in the office. Due to the fact that they are socially more isolated than in the office, they may be more susceptible to all kinds of social engineering and phishing attacks. If they are not using a VPN and hence are not connected to the business environment, however, then the security exposure is worse. Most employees won’t have malware protection, firewalls, and IDS/IPS in place at home, and will therefore be exposed to all types of cybersecurity threats.
SN: How do people and companies continue to work with a high level of productivity without putting cybersecurity at risk? Is there a way to meet in the middle?
RO: As mentioned above, I think that people using their business laptop and connecting through a VPN can continue to work with a high level of productivity without much bigger risk. The main risk is people not following this rule and finding all types of tricks to circumvent the business IT. This opens many possibilities to attack them – either technically or socially.
SN: What are the biggest cybersecurity risks of home working?
RO: I guess people not using the proper business IT facilities, but using private PCs and laptops to work on documents offline instead. Also, I guess that social threats yield bigger risks than in the “usual” business environment, due to a lack of social control and the possibility to immediately double-check with peers.
So, the question is, how do we meet in the middle? How do we keep working at a high level without putting ourselves at risk for cybersecurity issues?
The solution – to do things such as ensuring workers have malware protection and firewalls when possible and to use offline working if needed.
Until network security has been developed more, there will always be security risks and attacks, but they could be minimized by companies whilst also ensuring their workforce is happy by being open to cyber protection and home working flexibility.
To learn more about security and privacy, shop Artech House’s series now: