Researchers claim that many companies do not provide cybersecurity awareness training to their remote workers, despite the fact that these workers have access to sensitive company information.
33% of IT professionals working in businesses of all sizes worldwide did not provide the remote staff they worked withany kind of cybersecurity awareness training, according to a study by Hornetsecurity which surveyed almost 1000 IT professionals.
While remote workers have access to critical data, their employers can be seriously impacted by costly cyber incidents. 74% of those surveyed had access to critical company data.
With the report also indicating that companies are looking to expand their remote workforce this may cause even more issues in the future.
How Do We Fix It?
According to Hornetsecurity, increasing education and training, especially basic training, is said to be one of the most effective ways to address the problem.
CEO Daniel Hofmann says "Traditional methods of controlling and securing company data aren’t as effective when employees are working in remote locations and greater responsibility falls on the individual". This is backed up when considering compromised credentials and endpoints (56%) are two of the main sources of cyber security issues.
If you have employees or you yourself often work remotely, be sure to do some basic security checks today:
- Device - is it up to date? Do you have antivirus installed? Is it up to date? Is the access password unique?
- Are you online? How are you online? Is the network you're using secure (a cafe is likely not to be).
- Applications - what's running on your device? Is it from a trusted developer? Is it up to date? Is it password protected?
- Data - do you have access to data that can be exploited, secrets, customer details, sales numbers? Are they password protected? Are they encrypted? Do you actually need access to this data or is it best removed from the device?
- Browser - is it secure? Is it up to date? Are you sure that link is legitimate? Do you have access to a company intranet? Is it secure? Do you have more access than you actually need?
These basic tips can help keep you secure online. Take a look at the NCSC website for more info