Why modern workplaces demand a new breed of security
The workplace has evolved. Technology and working practices necessitated by the pandemic have become a permanent part of business life, with 60% of workers saying they would prefer to work remotely at least some of the time. Improvements in conferencing technology, cloud services and remote manageability have revealed huge benefits both to businesses and their employees. But at the same time, they have also exposed new risks, and hackers are all too happy to take advantage of any vulnerabilities. In fact, 2021 saw 50% more cyber attacks per week on corporate networks than pre-COVID. Here are some of the primary ways in which remote working has made life easier for cyber criminals:
1. Business devices and personal use
With business devices being kept in the home, there’s more chance that they’ll be used for personal communications or activities, as employees look to seamlessly integrate their personal and professional lives. Business devices, left accessible in the home office, may also be used by other family members for shopping, socialising or gaming. A quarter of UK workers allowed their children to use business devices for home schooling during the pandemic.
One of the most popular ways hackers attempt to breach networks is through social engineering or phishing attacks, so employees accessing personal accounts on business devices is a huge concern. A 2021 study conducted for HP Wolf Security found that 75% of IT teams surveyed had seen a rise in employees opening phishing links during the pandemic, while 40% of office workers surveyed reported clicking on a malicious email. Almost half (49%) had done so more often since working from home, and 70% of those that had clicked or nearly clicked on a link hadn’t reported it to IT.
2. Unsecured networks
Once upon a time, business devices all lived happily within the safety of the corporate network. Not so anymore. Remote working by default requires connection to the internet through the employee’s home Wi-Fi and there’s no guarantee that connection will be protected by strong password, nor is there any knowing who else will have access to it. A VPN does add a layer of protection to internet use at home, but on its own it’s not enough. Worryingly, a 2021 penetration testing survey across a wide range of commercial sectors found that 93% of corporate networks were susceptible to hacking. Businesses must recognise that protections can’t just centre on the perimeter as they may have done only a couple of years ago – a wider security posture is required.
3. Managing patches and upgrades
When all employees and devices are in the same place, it’s much easier for IT teams to manage security updates and patches. Remote deployment has become significantly easier in the past two years, but the process can still be complex, especially if it isn’t automated. VPNs can become strained under increased loads as systems are patched remotely. What’s more, if updates to web and email filters are not delivered simultaneously, criminals can take advantage of the delays through phishing attacks.
Security that starts with the device
Although restrictions are set to be completely lifted here in the UK, it would be naïve to think that the cyber security issues faced during the pandemic will lessen significantly. The fact is, the working landscape has been fundamentally changed by the technology the pandemic necessitated. Wherever your people work, your security must too.
One solution to improve security in the modern workplace is security of the device itself. Endpoint security used to depend on software deployed on the device but now a new breed of security is providing deeper resilience at the hardware level. Hardware-enforced security embeds hardened
security protection into the heart of a PC, offering the strongest defence possible against the most serious incursions.
Our partners at HP are heavily innovating in hardware-enforced security to combat modern cyber threats. Joining forces, we’ve put together a quick guide to help you understand how it protects devices around, above, in and below the OS. Download your free copy here.
References:
yougov.co.uk/topics/economy/articles-reports/2021/09/28/what-will-increased-remote-working-mean-britain
itpro.co.uk/security/cyber-attacks/361944/cyber-attacks-on-corporate-networks-increased-50-in-2021
datacentrereview.com/2021/03/parents-using-work-devices-for-home-schooling-despite-cybersecurity-concerns/
itpro.co.uk/security/endpoint-security/362148/why-software-alone-wont-solve-the-security-crisis
forbes.com/sites/chuckbrooks/2022/01/21/cybersecurity-in-2022–a-fresh-look-at-some-very-alarming-stats
You may also be interested in
Sleigh your IT to-do list – unwrapping year-end tech tasks
As the year winds down, is your IT to-do list still overflowing? From asset disposal to cybersecurity updates, unfinished tasks can hinder your start to 2025. Here’s a timely reminder of some things to check in on as the year ends.
The future of private AI
This year, AI has come of age and become a much sought after technology. Many businesses have begun implementing models into their operations to improve business productivity and create value. But as with any new innovation, hurdles stand in the way of progress, notably concerns over privacy.
The CEO Edit: September 2024
Servium CEO, Paul Barlow, gives his view from the top on recent happenings at Servium and across the industry.