Remote Workers Can Increase Cyber Threat to Employers

MSPs and MSSPs can help companies stay safe as more employees work from home.

Edward Gately, Senior News Editor

March 16, 2020

4 Min Read
Coronavirus remote working
Shutterstock

Cybersecurity is a growing issue as more companies require their employees to work remotely as a precaution against spreading the coronavirus.

It’s one thing to say that workers will work remotely, and access sensitive and confidential information via the internet. It’s quite another to be able to assure executive management that information is protected and compliance mandates are met, according to Janco Associates.

Janulaitis-Victor_Janco-Associates.jpeg

Janco’s Victor Janulaitis

“In talking with a number of our clients, as they rushed to allow a greater percentage of their employees to work from home, we highlighted several risks small and midsized companies faced,” said Janco CEO Victor Janulaitis. “The risks ranged from a more complicated record management, destruction and retention process to exposure of confidential and sensitive information to individuals within the companies that did not know what they could not do with that information.”

Getting telecommuting going is not as difficult as it may sound, he said. What is an issue is the volume of sensitive and confidential information that will be exposed without the proper infrastructure to protects those corporate assets, he said.

Arsene-Liviu_Bitdefender.jpeg

Bitdefender’s Liviu Arsene

Liviu Arsene, global cybersecurity researcher at Bitdefender, tells us remote workers can severely increase the risk of suffering breaches or inadvertent data leaks if their employer has inadequate security procedures involving access and handing of critical customer data.

“For example, an employee using his/her work laptop at home may use it for private activities, or even share it with family members,” he said. “Inadvertently copy-pasting sensitive data into the wrong window, installing an unsanctioned applicationor using an unsecure internet connection are just a few scenarios where an employee could pose security risks that could lead to compromise of on-device data or company infrastructure.”

Surveys have shown as much as half of SMBs have suffered a cyberattack within a single year, and that a data breach can be devastating, even potentially leading to the business’s permanent shutdown, Arsene said.

“Allowing remote employees to connect to and access critical infrastructure without having proper authorization, authentication and accountability in place significantly increases the risk of cybercriminals misusing that access,” he said. “The current cybersecurity skills shortage coupled with small cybersecurity budgets and the security challenges brought forward by remote employees can spell disaster for SMBs.”

SMBs that face the challenge of fortifying security while supporting remote employees can confidently turn to MSPs and MSSPs for expertise, support and 24/7 reliability in terms of deploying the right tools and procedures at a fraction of cost, Arsene said. Investing in an in-house cybersecurity team can drive operational costs well beyond the comfort zone of SMBs, while partnering with managed service or security service providers offers the same benefits with minimum expenses, he said.

“Another option that SMBs have is relying on managed detection and response (MDR) services that act as security operations center (SOC)-as-a-service,” he said. “Security operation centers are something that only large organizations have traditionally been able to afford for threat hunting of advanced and sophisticated intruders. However, through MDR, SMBs can also defend themselves…

…against potential advanced persistent threats (APTs) with the same power at a fraction of the cost. Staffed by seasoned security experts wielding some of the best security technologies, they can quickly and effectively respond to malicious activity, actively removing the threat to reduce dwell time and limit any damage.”

NordVPN provides the following advice for staying secure and connected while working remotely:

  • Make sure your home network is secure. The bare minimum will be to password-protect your router if you haven’t already.

  • Use a separate device or account for work. It’s best to keep your personal and professional devices and accounts separate. This way, if one account or device is breached, the other will remain safe.

  • Use companywide cybersecurity tools.

  • Encrypt sensitive files in transit and in storage.

  • Stay informed on cybersecurity and social engineering, Read up on different forms of social engineering and phishing so you know what to look out for. Now more than ever, scammers will try to pose as your colleagues or managers to try to get you to give up sensitive company information.

  • Avoid public Wi-Fi, which is far more likely to have malicious actors connected to it or running it, as is the case with a hotspot.

Read more about:

MSPs

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like