South Africa, Feb 20, 2024
Remote work was introduced during the COVID-19 pandemic and has since become a regular feature of the modern workplace. As with all new developments in business, there are advantages, but also risks associated with remote work. Companies have seen new cybersecurity threats entering the threat landscape as employees began working offsite.
It is important to be aware of and put measures in place to combat these cybersecurity threats. There are many threats, and our list below will give you some idea of the serious risks facing your organisation.
Phishing
According to the United States’ Cybersecurity and Infrastructure Security Agency (CISA), 90% of all cyber attacks begin with some form of phishing.
Phishing can take many forms including Spear Phishing, Vishing, and Smishing. They all share a common tactic of fooling their victims and using psychological manipulation.
Phishing is an insidious problem as it can bypass many of the cybersecurity protection measures that companies put in place. Through clever use of social engineering, phishing attacks can access company networks, servers, and sensitive files by using company employees as a way into the system. Malicious links, infected files, and spyware all give cybercriminals access to sensitive information and more potential targets.
Remote work employees are often at greater risk of phishing as they often make use of public networks outside of the company’s security environment. Cybercriminals can scope out their victims much easier if they move around in public instead of accessing company documents in a secure area.
Risky WIFI networks
Companies often have little control over which networks their remote employees access during their workday. Venues such as coffee shops and airport lounges may have compromised WIFI networks or have cybercriminals who use such venues as their preferred “hunting grounds”.
Data insecurity
If companies have outdated or insecure data systems, then remote work employees may inadvertently endanger company information simply through their daily administrative activities. Remote work policies that allow employees to store sensitive company data on 3rd party devices such as flash drives or external hard drives, also expose the system to serious threats.
Weak endpoint security
Companies often allow employees to use their own laptops or tablets for work purposes. This poses a serious cybersecurity threat as these devices often do not have reliable or sufficient security measures in place.
Weak firewalls, outdated antivirus software, and a lack of proper encryption mean that remote work employees are at risk of being victims of malware, viruses, or data breaches.
Credential theft
A general lack of cybersecurity protection may also expose remote workers to keyloggers or malware aimed at stealing company credentials or login information as employees type on their devices.
Lack of physical security
This point may seem out of place on a list such as this, but old-fashioned theft still presents a serious cybersecurity vulnerability for companies. If devices such as laptops are stolen, any sensitive company data on those devices will be at the mercy of the thief. The data would then either be sold or used to target the company in further cybercrime attacks.
Internal security threats
An often overlooked cybersecurity threat associated with remote work is that of disgruntled employees or bad actors.
An employee who wishes to harm the company may purposefully engage in risky online behaviour that may endanger the company’s information or systems. The decentralised nature of remote work makes it difficult to spot the interpersonal warning signs associated with vengeful employees.
Unauthorised applications
Remote work employees might use unauthorised, outdated, or insecure applications in the course of their work. These applications are difficult to monitor and may even have fundamental security vulnerabilities in their programming. A lack of visibility and control over these applications makes it difficult to spot threats, but also hinders efforts to resolve any breaches.
Poor network visibility
Many cybersecurity threats can enter and remain hidden in company networks due to poor network intelligence and visibility. Many companies often have large volumes of duplicated data and poor information classification procedures. This allows threats to enter the network and do a lot of damage before the company’s IT security teams can respond.
Compliance risks
Remote work can introduce compliance challenges, especially for industries with strict regulatory requirements such as healthcare or finance. Ensuring remote work arrangements comply with industry standards and regulations while maintaining security standards can be complex and requires careful planning and implementation.
Remote work is here to stay, but greater oversight and stricter cybersecurity measures are needed to safeguard company data and information.
Employers should consider education and awareness training for employees, regular security assessments and audits of remote work setups, collaboration with third-party vendors to ensure their security practices align with organisational standards, and continuous monitoring and adaptation of security measures to guard against emerging threats.
Need some help with your IT security?
Logicalis is a certified MSSP (Managed Security Services Provider) and can help you determine the strength of your security posture and protect against internal and external cybersecurity threats.
Contact us for a security assessment, SOC services, or Deep Observability network visibility capabilities.
Related Insights
South Africa , Jan 30, 2024
What is sustainability in IT?
Sustainability is an important topic in modern business as customers and other stakeholders increasingly measure their service providers’ performance against environmental and ethical standards. This directly impacts the IT industry as many clients will consciously choose to do business with companies that perform better on environmental metrics.
South Africa , Jan 24, 2024
How to develop an IT communications strategy
A strong and reliable IT communications strategy is required to get maximum buy-in from all stakeholders in the IT value chain. Developing your IT communications strategy is an involved process that follows multiple steps.
South Africa , Jan 10, 2024
What is Deep Observability?
Logicalis South Africa has recently partnered with Gigamon to deliver a new Deep Observability solution to South African enterprise companies. Deep Observability offers many benefits from security to network intelligence and allows organisations to have full visibility and control over their entire network infrastructure and the information flow.
South Africa , Dec 8, 2023
What are the benefits of a Security Operations Centre (SOC)?
Security operations centres (SOCs) offer many benefits to companies, either as an internal resource, or as a managed security services solution. A good SOC service can prevent a wide range of cyber threats from becoming disastrous events that can affect a company for years.
South Africa , Nov 13, 2023
Logicalis named inaugural 2023 Cisco Global Sustainability Partner of the Year
Last week, we were honoured to receive the inaugural 2023 Cisco Global Sustainability Partner of the Year award during Cisco's Global Partner Summit event in Miami. This prestigious accolade acknowledges Logicalis' exceptional sustainability achievements and success in helping customers reduce the environmental impact of their digital ecosystems across the globe.
South Africa , Oct 24, 2023
Choosing the right MSSP -Top 5 credentials to look for when selecting a Microsoft Managed Security Services provider (MSSP)
In an increasingly interconnected world, the frequency and complexity of cybersecurity threats are rising. Our recent CIO survey shows over half of respondents plan to increase their risk management investment. They also consider malware and ransomware significant risks that their organisations will face in the coming year.
South Africa , Oct 20, 2023
The business benefits of Digital Energy
It's all about using the power of automation, innovation, and smart tools to revolutionise how we manage energy. The goal? Reduce waste, cut costs, and promote sustainability. With sustainability and climate change becoming increasingly important, digital energy is no longer a choice; it's a must for companies in South Africa.
South Africa , Oct 4, 2023
The power of next generation connectivity
A key factor driving the evolution of how we live, work and trade is connectivity. Businesses flourish when their leaders create environments that can adapt to maximise opportunities, while mitigating the inevitable risks.
South Africa , Sep 26, 2023
10 benefits of IT managed services
There are many benefits to IT managed services that can help upscale the performance of your IT tools and services.