Recent months have significantly changed the typical corporate environment, as millions of employees transitioned to remote home office work as a result of the COVID-19 crisis. As the transition was in haste in reaction to trying to curb the spread of the virus, most organizations were not prepared, especially from a security standpoint, for the massive acceleration of remoting working environments and how to protect against attacks.
There has been a significant surge in cyberattacks throughout the COVID pandemic, especially with phishing attempts that are preying on tense emotions and anxiety. Check Point Software Technologies recently conducted a survey consisting of over 400 global IT professionals and the results were grim. Since the beginning of the coronavirus outbreak, 71% reported an increase in attacks and security threats, with the most common attacks being phishing, malicious pandemic related websites, malware, and ransomware.
In addition to the increase in attacks, 56% of the respondents stated that their top challenge in managing the shift to remote working has been providing secure remote access for their employees. 55% stated that their next most pressing challenge was the need for scalable solutions that could support their remote workforce. The third biggest challenge was trying to manage employees using untested tools, software, and devices.
With these concerning attacks on the rise, businesses need to take action to ensure that their corporate networks remain safe while employees are working from home. The first step is getting IT and HR departments to join forces. The speed of change has been unprecedented and left many organizations unprepared to protect their data and effectively exposed. Employees having varying degrees of computer and IT knowledge, which can also increase risk factors in a home working environment.
In the absence of having the time to create an onboarding model to transition employees to working from their homes, hackers have pounced on the opportunity. Security incidents are soaring as are scams related to the coronavirus that often take advantage of panic and spread disinformation. Hackers are relying on the fact that employees are emotional, tense, have distractions (such as children at home) and do not have immediate IT or management support, making it more likely that they will make an ill-informed decision such as disclosing sensitive information or clicking on a suspicious attachment.
Almost 90% of cloud-based corporate data breaches have been a result of attacks that have targeted employees. Now, with employees working from home and without proper security measures such as VPNs or awareness training, the risk is more prominent. Often, when people work from home, they may be more relaxed about following security measures and may browse personal websites or use unsecured WIFI, personal laptops or other devices to access corporate resources. This is a major concern, as personal devices are usually not equipped with the same security software as a corporate device would be, essentially allowing one careless click or download to grant a hacker access to a network.
The best immediate course of action to boost your organization’s security while your employees are working remotely is to get your HR and IT department to join forces. While IT professionals are experts in the security field, your HR department has a personal connection with your employees and has the training on how to communicate information and process changes. Your IT team should relay what information needs to be sent to employees on what steps they need to stay secure, and HR employees should craft the communication and be the ones sending it to staff.
In addition to sending the information to employees, the HR team needs to follow up and provide continuous updates in order to remain effective. Security and awareness training need to be approached in a simple to understand and easy to implement fashion.
Many small and medium-sized businesses do not have the resources for full-blown IT or HR departments, leaving them vulnerable in today’s pandemic working environment. This is where partnering with a Managed Service Provider, like MBC, can be the best course of action to keep your business protected. MBC can fill in the gaps of both your IT and HR department when it comes to ensuring that you have the right processes in place for employees to work remotely, that all end-point devices are secure and that your employees have the training that they need, delivered in an effective, simple-to-understand method to be cybersecurity aware and vigilant against attacks.
To learn how MBC can support your organization, get a free assessment today.