More companies are allowing their employees to work remotely and this means that their network perimeters now extend to the homes of every person working from home. That’s a massive environment to secure and control.
Cyber crime increases in the work from home era
Cyber crime has skyrocketed this year. Phishing attacks increased by 700% in the first three months of 2020 and globally, 51% of companies have been directly or indirectly impacted by ransomware. Several local companies have experienced major data leaks which have exposed the information of millions of South Africans. Hackers implement attacks every 39 seconds, which equates to some 2 244 attacks daily.
The reasons for the scourge in cybercrime can be found by looking at the ways that remote working is enabled. Let’s face it – some companies are geared to enable remote workforces while for many others this is unchartered territory. It means allowing employees to access emails, networks, ERM, CRM and other enterprise tools from anywhere and using any device.
Poor cyber security risks your business
Employees are using corporate assets which are not being managed or they are using personal devices for work. Endpoint security is lacking, security updates aren’t happening as they should, there is no monitoring or control of the endpoints in the remote environment and there are no policies around the use or management of data.
There are a few major problems with this. Your financial information could be exposed; your business employees and customers are at risk of fraud; you could risk non-compliance with legislation around the protection of personal information, and you could face litigation if confidential information was to be exposed to unauthorized people. Also, your entire environment could be brought to a halt by a piece of malware.
The human factor in cyber attacks
End-user awareness is a contributing factor to the increase in cybercrime in 2020. People are unaware of the potential risks of using third-party applications to do their work, clicking on links in emails, browsing the internet on unprotected devices, responding to unsolicited emails and phone calls asking for information, giving away passwords and allowing families members to use their work devices for personal use amongst other risky behaviours.
At least 38% of employees that we have assessed on behalf of companies are vulnerable to being caught by phishing. Notably, 65% of the ransomware attacks that have impacted more than half of companies globally were delivered via phishing. Employees should be educated to identify and help prevent phishing attacks.
Keeping data and people secure at home
You cannot protect or fix what is out of your control. The network security landscape must be adapted to include remote sites, email security must be in place, there should be policies around the use of company resources, access to data must be controlled, and cloud-based services must be secured. Last but not least, employees must receive cyber security awareness training.
Let us fix it
We’ll assess your environment, look at where your data is, who is using it, how they are accessing it, what devices are connecting to the network, and how secure they are. We can also test the vulnerabilities of your employees to phishing and other cyber threats.
Contact us. We will get you geared to protect your business from cyber crime regardless of where your data and employees are.