As the world enters a new era of remote and hybrid work, the risks to network security become more complex. Over the last 18 months, the pandemic has created an unprecedented shift in the modern workforce. Employees, avoiding COVID-19, have found themselves more vulnerable to a different type of virus. From phishing to ransomware, highly sophisticated cyberattacks have targeted employees both at home and in the office. With the rapidly growing cybersecurity threats, it is crucial now more than ever to understand the risks from working at home versus working in the office and employ strong security measures wherever you choose to work.
Every day, security teams around the world discover new risks arising from remote work. For example, many employees unknowingly put their company’s data at risk by using their personal devices for work. In a recent survey we conducted via Pollfish, 76% of American respondents use their personal devices for work at least sometimes, and 75% use cloud-based services to store and manage their work data. The survey also found that the majority of employees surveyed indicated their company allows them to use work computers for personal purposes.
Furthermore, employees feel their companies are not doing enough to ensure a secure remote workplace. The same survey states that “since they started working remotely, many respondents said their company has not doubled down sufficiently on strengthening security policies and measures.” Roughly 60% say that their companies are not prohibiting the use of apps that do not meet the standard security. Nearly the same amount (58%) say that their companies have not implemented antivirus software, and a large percentage (48%) are not aware of any corporate cybersecurity policy at all.
While companies are responsible for implementing strategies to secure their data, employee IT behavior can cause problems as well. Here are a few examples of bad habits and risks to keep in mind when working remotely:
Bad Habits in Remote Work
- Weak and/or Reused Passwords
- It’s time to refresh those old passwords that you’ve been hanging on for years. Weak passwords are usually short and associated with some information about you that can be easily guessed. Those can be the biggest security risk and are the easiest way for cybercriminals to gain access to your system, especially when the same password is used across several platforms. As an example, the Colonial Pipeline cyberattack was affected using a compromised password
- Unencrypted File Sharing
- You might think the encrypted data you share within your company’s network is secure, but that’s usually not the case. Many corporate files are encrypted when stored but not while being shared or moved. Sensitive data such as restricted company, employee or client information can be intercepted in transit leading to identity theft, ransomware and more.
- Working from a public network is rarely a good idea. Having your screen exposed to everyone around you, taking work calls and leaving your devices unattended greatly increases the risk of cybersecurity. In addition, public Wi-Fis have been known to have weak security layers.
Risks from Remote Work
- Relaxed Security Protocols
- At most offices, IT managers operate and provide security for the entire network. At home, you are in charge of your own security. Companies can only do so much to protect their data. On the other hand, it is up to you to maintain a secure network at your home.
- Email Scams
- Phishing is also one of the main hazards of remote work. These are widely recognized as the number cause for data breaches and anyone can fall for them. Working from home with a low-security Wi-Fi (and, often, disabled-by-user VPN services) can increase these kinds of activities and it will be difficult to minimize the risk without an IT administrator available at all times.
To help prevent these issues, Lynx Software has developed LynxSafe, a secure laptop solution that sequesters personal and work use applications. By separating the two types of work and data, IT organizations are able to control the course of information to verify its confidentiality and prevent unauthorized access to corporate data. Another critical aspect of LynxSafe is that information-flow control gives integrity for sensitive security cases.
For these two key features to function, LynxSafe also dives deep into your laptop configuration, which supplies:
- A separate domain for protecting data in transit with two VPNs
- Isolation of the Windows environment for the user
- A separate domain for protecting data at rest
- An isolated management domain to allow for secure updates
Lynx is working hand in hand with laptop providers and other hardware vendors to set a higher standard for cybersecurity and minimize security threats.