Working remotely from home has hit new heights during the coronavirus pandemic. More employees than ever are doing so, and although the option to work in your PJ’s can be liberating, there are some security challenges this “new normal” creates. While 43% of Americans say they want to continue working remotely even after the economy fully reopens, it’s creating significant security challenges for employers and IT. Those using their personal devices for remote work add even more security risks to the mix.
A recent report by Tessian, “The State of Data Loss Prevention (DLP) 2020” takes a closer look at how Americans are working from home during the pandemic. The report finds that security protocols followed at an office often lose their way in a remote environment. The reasons behind these security lapses are many and Tessian’s report finds insight into the problem.
• Employees no longer under the watchful eye of an IT department admit to cutting corners on security, with 52% believing they can get away with riskier behavior as a result.
• Employees don’t typically report their mistakes and break security rules more often than IT is aware of. Emails are top of the list of data “mishaps” as many companies have policies against emailing company data to personal email accounts. According to Tessian, an average of 27,500 unauthorized emails are sent per year in a company with 1,000 employees.
• Remote working is much more difficult to monitor than in the office. As a result, past security strategies have fallen by the wayside, with 84% of IT leaders saying data loss protection is more challenging with a remote workforce.
So, what to do when a workforce is at home and not under the watchful eye of an IT department? Diligence is a big part of the answer. Employees, especially those using their own device to work should make sure all routers and access points are updated, including security patches. The need for strong password protection is required and using MFA (multi factor authentication) adds layers of security. Finally, never underestimate the power of email phishing while working remotely. Tessian’s CEO reminds us “All it takes is one misdirected email, incorrectly stored data file, or weak password, before a business faces a severe data breach that results in the wrath of regulations and financial turmoil.”