As the pandemic swept across the globe and changed our lives, there’s at least one cause for cheer and even optimism. A lot of people have been allowed to work from home by their employers. And for the most part, the new digital workforce has responded well.
Businesses know that they can count on continued productivity. Workers get to keep their jobs or explore new ones while enjoying better work-life balance. But all of this increased online activity can leave more users and systems exposed to cyber-attacks. Here’s why everyone needs to become more aware of the risks involved and take the necessary actions to improve.
Remote work on the rise
Many employees had long been clamoring for companies to allow some measure of remote work, even before the term ‘digital nomad’ started to gain traction. However, the trend took time to grow in popularity.
The first companies to adopt remote working arrangements tended to be in the tech sector. Part of this was due to their inherent expertise, making it easier to deploy infrastructure and resources needed to enable remote workers. Also, jobs in tech are often naturally suited to this type of work; an employee with a laptop and connection can accomplish most tasks.
Entering 2020, remote work was already on the rise. But the worldwide impact of Covid-19 has only accelerated this trend. While many people have welcomed its widespread adoption, remember that this was a sudden development.
Most companies have found themselves navigating unfamiliar territory. Managing teams from a distance and over multiple time zones has raised the issue of how to maintain productivity and effective collaboration. Many are concerned about the long-term effects of a lack of social interaction. As employees craft a workspace out of their homes and families adjust, business leaders fret about how this all bodes for the new normal.
Risks and complications
In the background, however, the need for cybersecurity is growing. As early as April, the World Health Organization reported a leak of thousands of email addresses and passwords belonging to users working on the coronavirus response. This was also accompanied by a surge of up to five times the year-on-year incidence in cyber-attacks directed at the WHO.
Those early scammers aimed to impersonate WHO members and misdirect donations towards fake accounts. But the WHO isn’t the only target. Now that we’ve entered a world of remote work, just about every business has increased its online presence and activity, exposing them to higher risk. Amid the flurry of changes and adjustments, hackers and social engineers see an opportunity to strike at vulnerable systems.
The diaspora of users from the traditional office has created further complications for many companies. Virtual workplaces are highly asynchronous. Thus, any security patches being rolled out to individual end-user devices are prone to delays. System downtime to patch vulnerabilities must be carefully scheduled to avoid losing productivity. These delays add to the risk of being exploited by hackers.
Also, remote working teams often communicate through multiple channels. For example, a team could hold a meeting in Zoom, chat throughout the day in Slack, and send group emails with attachments. Each channel is a potential vulnerability that needs to be secured.
A new essential skill
For many years now, IT personnel and cybersecurity experts have warned businesses that user behavior presents a significant risk. When you put vinyl fencing around your house, you don’t proceed to leave the door unlocked. The perimeter can be enclosed, the barrier durable, but anyone who attempts will find it easy to get in.
In the same way, companies need to conduct cybersecurity training and periodic refreshers for every employee whose job involves using a computer and the Internet. This is especially true of remote workers. Home Wi-Fi networks and personal devices are all but sure to have lower security measures in place. These users will be accessing shared files and potentially sensitive data. They might also need to access the company’s network and devices remotely.
UNESCO has included digital literacy on its list of essential 21st-century skills. This is a recognition of the fact that we now live almost simultaneously in the physical and digital worlds. Unfortunately, many people still overlook the critical importance of cybersecurity in digital literacy and its impact on our daily lives.
As we gradually enter the new normal, it’s not just employers who should worry about cybersecurity. Everyone would be well-advised to learn more about these best practices and become masters of this new essential skill.