WFH Security Best Practices Critical as Employees Willfully Abandon Protocols

Work-from-home (WFH) security risks drive adoption of security best practices.

Pam Baker

May 29, 2020

3 Min Read
Telecommuter for Microsoft gallery
Shutterstock

One key reason employers want to get employees back in the office is to enforce better security controls. A new report makes employers’ motivation clear: Nearly half (48%) abandon security protocols when working from home (WFH). But employers may not be able to drive employees back into the workplace. They may need to adopt WFH security best practices instead.

The news on employee WFH behavior only gets worse. An overwhelming majority (91%) of IT leaders trust their staff to do the right things. But “over half of employees (52%) believe they can get away with riskier behavior when working from home.”

Further, much of the risky behavior is deliberate. While 48% readily admit that “not being watched by IT” is their reason to ditch company security practices, a whopping 54% will find workarounds if security policies impede their work.

Sadler-Tim_Tessian.jpg

Tessian’s Tim Sadler

“Businesses have adapted quickly to the abrupt shift to remote working. The challenge they now face is protecting data from risky employee behaviors as working from home becomes the norm. Human error is the biggest threat to companies’ data security, and IT teams lack true visibility of the threat,” said Tim Sadler, CEO and co-founder of email security firm, Tessian.

There are regional differences in risky behaviors at home, too. For one thing, American workers tend to be laxer on security rules than their counterparts across the pond. According to the report, U.S. employees are more than twice as likely as U.K. workers to send emails to the wrong person (72% vs. 31%). And U.S. workers are twice as likely as U.K. workers (45% vs. 23%) to take company documents with them when they quit.

Sign up for Channel Futures’ new EMEA newsletter, where we feature news and analysis involving companies based in Europe, the Middle East and Africa, as well as those doing business in that region.

Industry Consensus

Tessian isn’t the only company noting the swing in security threats caused by employees working from home.

An nCipher Security and Ponemon Institute study found that over half (54%) of business leaders consider their employees the biggest security threat, followed by hackers (29%) and malicious insiders (20%).

Grimm-John_nCipher-Security-2.jpg

nCipher Security’s John Grimm

“As the world goes digital, the impact of the global pandemic highlights how security and identity have become critical for organizations and individuals both at work and at home,” said John Grimm, vice president of strategy at nCipher Security.

The problem is likely to compound rather than resolve after the pandemic passes.

Shavell-Rob_Abine.jpg

Abine’s Rob Shavell

“While employers may want to accommodate long-term flexible work arrangements, most companies are not prepared for the serious security risks associated with managing a remote work force,” said Rob Shavell, CEO of Abine, an online privacy provider.

Despite the risks, companies are not likely to pass on the benefits a WFH workforce provides, however.

According to data acquired by Atlas VPN, because of the productivity boost and reduction in expenses, “U.S. companies can save $4.5 trillion by letting their employees work remotely.” The flexibility WFH provides to workers also aids companies in their hiring and talent retention efforts.

Atlas VPN found that 99% of workers would like a chance to work remotely at least part-time. This makes WFH security best practices even more critical. Further, “being able to work from home is the critical factor for 70% of people looking for a new job.”

Read more about:

MSPs

About the Author

Pam Baker

A prolific writer and analyst, Pam Baker’s published work appears in many leading print and online publications including Security Boulevard, PCMag, Institutional Investor magazine, CIO, TechTarget, Linux.com and InformationWeek, as well as many others. Her latest book is “Data Divination: Big Data Strategies.” She’s also a popular speaker at technology conferences as well as specialty conferences such as the Excellence in Journalism events and a medical research and healthcare event at the NY Academy of Sciences.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like