Most employees are worried about cyber threats at their home-office amid the COVID-19, claims IBM Security.
With the widespread Coronavirus outbreak, the rushed shift for work from home brings new security challenges, as many employees are not sure about data security at their home-based office settings. The latest study by IBM Security in collaboration with Morning Consult is focused on employee behavior, precisely those who are new to work from home system and its connected security threats. More than 2,000 US professionals have been surveyed – who are newly working from home. The report titled, “IBM Security Work from Home Study” found that nearly 80% of the respondents have rarely worked remotely or not at all.
With the spread of the pandemic, now more than 50% are working from home with almost no new security policies. This move has exposed new security issues and has left these professionals concerned about the impending cyber threats in the new normal. Currently, over half of the US people are working from home, and a majority among them is expected to continue the same with the rest of 2020 and beyond. Many organizations may be functioning catch-up as they effort to manage the ongoing security risks with remote-work models. The new home office with setup has disrupted the protected business activities with a lack of policies and less secure areas. For instance, customer service professionals who have been working in closely managed call centers – are presently managing sensitive customer data and information from remote locations.
Some principal findings from the study are –
1] Convinced, yet not prepared: Nearly 93% of the respondents are confident in their organization’s ability to store personally identifiable information (PII) secure – amid the WFH model. However, about 45% haven’t received any training, and another 52% are using their personal computers/laptops for work – which is often with no tools for security.
2] Missing PII plans: Most employees have not been provided with new work guidelines about handling highly regulated PII while working remotely. This is regardless of 42% of respondents who manage PII as a part of their daily tasks.
3] Policy consciousness: Over 50% of employees don’t know about any newly made company policies concerning password management, customer data handling, etc.
4] Personal systems in use: More than 50% of the respondents are using their personal laptops/computers for business purposes. Another 61% noted that their employer hadn’t offered tools to secure those devices rightly.
5] Passwords lack protection: Nearly 66% do not know about new password management guidelines – in fact, about 35% are reusing passwords for their business accounts.
The lack of support and security systems is triggering more opportunity for the threat actors. Charles Henderson, Global Partner, and Head at IBM X-Force Red, as mentioned in the company blog post, “Organizations need to use a risk-based approach with work-from-home models, then reassess and build from the ground up. Working from home is going to be a long-lasting reality within many organizations, and the security assumptions we once relied on in our traditional offices may not be enough as our workforce transitions to new, less controlled surroundings.”