IT For CEOs & CFOs
News & Views
Employees are cybersecurity risk
Findings from a Twitter poll run by Apricorn (www.apricorn.com) show that during the pandemic 30% of respondents in both the US and the UK singled out employee education as being the biggest area where companies needed to make changes to improve cybersecurity when working remotely.
In addition to concerns about employee education, respondents also flagged updates to hardware (29%), endpoint control (21%) and enforcing encryption (19%) as areas of weakness, where organizations need to make changes to improve cybersecurity.
Given that almost 30% of respondents admitted to using unencrypted devices during the pandemic, this raises many concerns particularly at a time when we are seeing a dramatic increase in the volume of data being downloaded, and a potential for more data on the move.
“Employees have a critical role to play in their organization’s cyber security processes, from recognising the tools required, through to the policies in place to protect sensitive data. Whether it be through the delivery of awareness programs or ongoing training, establishing a culture of security within the workforce is essential,” says Kurt Markley, Director of Sales at Apricorn.
“Endpoint security is critical, and deploying removable storage devices with built-in hardware encryption, for example, will ensure all data can be stored or moved around safely offline. Even if the device is lost or stolen, the information will be unintelligible to anyone not authorized to access it.”
In addition, in the poll more than 40% of respondents admitted that, as an individual, they were not fully prepared to work at home securely and productively. Almost a fifth (18%) say they lack the right technology to do so, 16% were not sure how to, and just over 20% say they were still not able to work remotely.
“Many businesses will now have witnessed the positive productivity and financial impact of a remote workforce, but without the right tools, processes and security in place, this can very easily backfire,” continues Markley.
According to Jon Fielding, Managing Director, EMEA at Apricorn, “IT and security teams had to scramble to respond to this crisis and in doing so, left a lot of companies wide open to breach,” added Jon Fielding, Managing Director, EMEA at Apricorn.
“Nine months into employees working remotely, some know already that they have been attacked. Others think they may have been but can’t be sure. In the same way that we had to learn how to protect ourselves from illness and modify our behaviour, we had to also learn how to protect our data outside of the firewall and more important, to remain vigilant about it.”
The poll also shows that 60% of respondents are planning to work remotely, all, or some of the time following the pandemic, so the threat to corporate data is only going to mount. Almost 20% admitted that the experience of working from home highlighted major gaps in their employer’s cybersecurity strategy/policies.
When questioned as to whether their company had experienced a data breach as a result of remote working during the pandemic, over 20% said yes, but a further 22% said they didn’t know if they had suffered a breach.