How to Protect your Business from Remote Work Security Risks

The Covid-19 pandemic caused a seismic shift in remote working practices. Before the pandemic, 34% of US employees worked remotely at least one day a week. Now, as we emerge from the pandemic, 35% of Americans work from home full-time — with a further 23% able to work remotely part-time.

This equates to approximately 92 million remote workers in the US alone.

But this rise in remote working is causing significant corporate cybersecurity issues. Poor password hygiene, dangerous online habits, and weak network security all put businesses at risk of data breaches, ransomware attacks, and other cyber threats.

So how can you protect your business from cyberattacks when your staff work remotely?

Remote work security statistics

In a December 2021 survey, researchers revealed striking statistics about the post-pandemic state of cybersecurity operations:

• 66% of employees said their company had a remote working policy, while 70% said there was guidance for creating secure passwords
• 49% of respondents said their company had guidelines for setting up secure remote work connections, and 57% used a virtual private network (VPN) to connect to their company workspace
• 48% of respondents use multi-factor authentication (MFA) to keep their accounts secure
• 41% of respondents said their company had organized cybersecurity training for employees within the last year
• 16% of respondents said they shared their work devices with people from other households.

At best, roughly half of workers are using secure connections to access sensitive company data and networks. But the majority of respondents didn’t use standard account protection measures or have recent cybersecurity training. Some are even willingly exposing work devices to people outside your organization.

Lax security measures lead to severe consequences for your staff, customers, and your business. So what are the risks — and how can you avoid them?

What are the risks of remote working?

• Unsecured networks — information can easily be seen or intercepted along unsecured or public networks, leading to data theft, ransomware attacks, and account takeover
• Phishing emails — remote working naturally means more communication via email and online messaging, increasing the risk of phishing emails and whaling attacks
• Shared devices — work devices may be shared with family members or housemates, who can use the device for high-risk online behaviors or access sensitive information
• Data storage — remote workers who store files and information on their devices, rather than in shared cloud-based storage, risk this data being irretrievably lost.

These practices often lead to common cyberattacks like ransomware, account takeover, fraud, and data theft, which ultimately result in financial loss and company reputation damage.

How to reduce remote work security risks

Create an incident response plan

Security incidents are sometimes unavoidable — so you must prepare for the worst. Ensure you have a robust response plan that can be carried out as soon as you identify a breach or security incident. As a minimum, your plan should include:

• Preparation — how to assess incident impact, and decide whether further action is needed
• Containment — how to mitigate the impact of the incident
• Countermeasures — how to stop the incident entirely
• Recovery — how to recover data and/or access to your systems
• Review — how to document the incident and your response, as well as notify relevant parties.

Here’s a high-level example of an incident response plan from the National Cybersecurity Centre:

Encrypt and back up your data

All sensitive data should be encrypted so that it can’t be read or decoded, even if it’s stolen. Recent events like the LastPass hack show the importance of encrypting passwords and other sensitive data.

Keep regular backups of all business-critical data. This enables you to wipe malware from infected machines without losing data. Make sure these backups are stored on a separate server so you can still access them if your network access is restricted.

Create a clear remote work security policy

Write a practical remote work policy that tells employees how to work from home safely. This should cover all core information security practices, including:

• Where to store sensitive data — in centralized cloud storage rather than individual devices
• Approved communication methods for sharing information — for example, give them temporary access that can be revoked if necessary. It’s generally a good idea to restrict use of unauthorized USB sticks and other storage devices
• Best practice for accessing the company network outside the office — use a VPN and avoid public networks
• Encouraging staff to keep devices up to date with patches and security updates.

Offer regular cybersecurity training

Remote workers must be required to attend regular cybersecurity training. This helps create a strong cybersecurity culture in your organization, which lowers the risk of accidental data exposure and lax security practices.

Secure your network

While you can’t control how remote workers connect to the internet, you can make it easier for them to access your network securely.

Set up a VPN to lower the risk of exposure to malicious actors on public networks. Enforce MFA to authorize users accessing your company workspace. And encourage staff to use password managers rather than recycling old passwords.

What should you do if you experience a breach or cyberattack?

If you work remotely and you’re concerned about a privacy breach or cyberattack, notify your IT team immediately. They can start your incident response plan to mitigate the impact.

If you’re responsible for cybersecurity, here are some standard responses to common remote work attack types:

• Ransomware — never pay the ransom. This encourages similar attacks in future. Instead, ensure you have accessible data backups and wipe infected devices. Reinstall the operating system and restore your backups.
• Data theft — understand how the data has been stolen and take steps to contain the incident (for example, change all relevant passwords and/or monitor your systems for a credential stuffing attack). Report the incident to the ICO within 72 hours if personal data has been stolen.
• Phishing attack — if an employee has clicked a phishing link, scan their device for malware and check their email account for unauthorized email forwarders. Get the employee to change their passwords. Contact parties who might have been affected (such as your bank).
• Account takeover — aim to take back control of the account by contacting the service provider. Ensure you have all verification information to hand. Change passwords for connected accounts if possible.
• Automated attacks — malicious bots can lead to several threats, including account takeover, card cracking, and product scalping. Identify and block bots automatically using a bot management solution. If you’re under attack right now, get help by submitting Netacea’s urgent request form.

Do you need a bot manager?

Most modern cyberattacks are automated, so implementing a strong bot management system is the best way to protect your network from malicious bots.

But bot management isn’t just about cybersecurity. It can also build stronger relationships between you and your customers, increasing revenue and building your reputation. Learn more about how bot management strengthens customer loyalty.