Cybersecurity Risks While Working from Home
Cybersecurity Risks While Working from Home
Though technology allowed for it, remote work didn’t become a common thing for workplaces until the Covid-19 pandemic forced workers home. Now, there’s a push to return to the office as pandemic restrictions lift and employers are looking to get back into the normal of yesterday. However, there is a pushback from employees to continue to stay home and work remotely. And while employers are giving into employee needs and demands for remote work, there are risks that don’t involve the social or political aspects of the office, but rather the security of a corporation. When employees no longer report to a centralized location, the risks of cyber invasions can open up. According to Cybersecurity and Infrastructure Security Agency (CISA), malicious cyber-attacks on companies and organizations are designed to “to steal information and disrupt, deny access to, degrade, or destroy critical information systems.” So, what are the cybersecurity risks to remote work or how do companies mitigate those risks?
What cybersecurity threats are there in remote work?
- Personal or Public Wi-Fi Not Secure
During the pandemic, many workers were able to work wherever they had a Wi-Fi connection – whether that be their own personal network or a public network away from home. This becomes one of the biggest risks for ransomware and cybersecurity attacks as cybercriminals can exploit weak and unsecure networks to either siphon your company’s information or implant ransomware on your computer. While you can strengthen your personal internet connection through several means, public Wi-Fi can pose many risks to you and your information. Click here to learn more tips about staying safe on public internet and what you can become susceptible to when using it.
- Vulnerable Hardware
When working from home, it’s not uncommon for employees to use devices, like their phones, to do their job. However, this can be a risk for any company as these devices can lead to hackers and cybercriminals introducing viruses and ransomware that can attack the company’s network. Not only that, but employees themselves can be vulnerable to risks while operating their hardware, especially where the employee uses their own personal or public Wi-Fi.
- Unsecured Networks
One way many companies are working remotely is through online networks and databases for employees to transfer data and communicate within the organization. Cybersecurity criminals target a wide range of these networks to find vulnerabilities to exploit. Some of the common vulnerabilities include weak passwords, unsecured emails, and software that is outdated.
How do companies mitigate these risks?
- Use a VPN
A Virtual Private Network (VPN) can allow an employee to use their personal or public Wi-Fi with less worry of cyber-attacks as it helps encrypt information and keep it safe. A VPN acts as a shield to protect the employee and company from cyber criminals trying to gain access to or disrupt sensitive information.
- Stay Updated
A company’s IT department should spearhead the effort to keep employee computers and hardware updated and patched constantly. This can ensure that networks and hardware stay secure, and employees are not exposed to risks. Not only that, but IT should also lead cybersecurity training and best practices so all employees can stay aware and prevent cyber-attacks in their roles.
- Use Multi-Factor Authentication
Multi-factor authentication provides at least two or more steps to log into systems, like email and company pages, to verify the user’s credentials. This helps mitigate risks because “if one credential becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the targeted physical space, computing device, network, or database” per CISA.
One of the University of Fairfax’s system administrators, Amber Caldwell, talks about how she and the IT team work against cybersecurity risks as most of the university’s staff works remotely. “In general, the University Systems Information Team utilizes several tools and techniques to keep the university safeguarded from threats. Firstly, we’re utilizing multifactor authentication (MFA). This ensures the user is the user and the device is the user’s device. Secondly, we utilize a multi-layer security approach which the team monitors and maintains to ensure the safety and security of our users.”
Amber also gives this advice to those remote workers to safeguard against cybersecurity risks: “For best practices, we always recommend staying alert when opening emails from unknown senders. If the email isn’t expected, the sender or domain isn’t known the best practice is to report the email and block it. Additionally, when browsing the web, do not download suspicious programs or extensions. Furthermore, always use a trusted anti-virus / endpoint protection program to mitigate issues at the start.”
With the advancement of technology to provide accessible work from the comfort of home, cybersecurity risks present themselves in new ways. Every major company or organization is at risk to cyber-attacks, but even more so when employees no longer report to a centralized location. However, with a great IT team, these risks can be lessened by following the latest cybersecurity best practices and staying diligent in keeping employee and company information safe. At the University of Fairfax, students are taught how to become leading cybersecurity professionals and how to keep companies, infrastructures, organizations, and agencies safe from cyber criminals. Learn from career professionals to enter the growing field of cybersecurity all from the comfort of your own home – learn how to keep yourself and future employers safe from real world experience! To learn more about our programs, go to ufairfax.edu.
The University of Fairfax – Secure Your Future