Working from home is set to return in full force for many businesses in 2022, with the rise in Omicron cases. While many large tech companies have rallied to provide a range of excellent tools and services to help businesses cope with remote working, not all businesses have been operating in the right way when it comes to working from home and upholding cyber security standards.
TechQuarters is an IT company providing IT Services London businesses use, they have gone fully remote since the start of the Covid-19 pandemic. They spoke to us about the potential security risks of work-from-home practices, and how businesses can boost their IT security in 2022.
Top Security Risks of WFH
Using Personal Devices – many employees admit to transferring data between work and personal devices, and if you are working from home, you may be using a personal computer for work full time. Additionally, BYOD (“Bring Your Own Device”) policies without proper security measures can also risk data loss.
Weak Passwords – it can take just a few second for a weak password to be cracked, even by a mid-range consumer PC that has been repurposed for brute-force attacks. A sophisticated machine that has been optimised for these types of attacks can crack passwords in just milliseconds. Many users tend to use passwords that are easy for them to remember, but this in turn makes it easier for hackers to crack.
Unsecured File Sharing – data is usually encrypted at rest by an organisation, but less often is it encrypted while in transit (i.e. when sent via email or various file-sharing methods). What these means is that data is susceptible to being intercepted, which can lead to ransomware attacks, data theft, and more.
IT Security for WFH
With all of this said, working-from-home is still a highly effective solution that enables businesses to continue operating throughout a range of scenarios that would hinder a traditional office-based company. In the same way that you wouldn’t take obvious risks at the office, a business just needs to make sure their security is set up for a WFH scenario.
Endpoint Management – this is the ideal solution for all issues pertaining to employees using unsecured personal computers and mobile devices. Essentially, software is installed onto all endpoint devices (e.g. an employee’s smartphone, their personal laptop, etc.) and the software goes about protecting only the data related to the company – essentially it segregated the company data from the user’s personal data. All of this can be done remotely using Cloud technology, and it enables companies to allow users to work on their own devices whilst ensuring security.
VPNs – there may be certain occasions where employees must connect to a public network, perhaps while travelling somewhere. Connecting to public networks can be risky as they are generally less well protected than business or even personal private networks. This is why using a VPN is a good idea. VPNs create a buffer between a user’s device and the internet and making sure no one else shares the network you are using for work.Cloud Sharing – the Cloud makes file sharing much easier, because rather than sending files across a network, you are simply uploading to an environment that your collaborators also have access to. This is a much more secure way of sharing files. A good example of Cloud Sharing is Microsoft’s SharePoint and OneDrive services – both a Cloud file management system and are backed up with superb security. An organisation can ensure that only company personnel have access to their SharePoint environment.