When remote working descended strong and fast earlier this year amid the pandemic, there was a frenzy within many organizations to equip their staff with the required machines to enable a quick and adequate “working from home” set up.
Now, as lockdowns ease, many businesses are preparing for employees to return to the office. While they are rightly concerned with establishing health-related practices to protect their employees from the coronavirus, there is another danger they must address: an abundance of employee hardware that lacks necessary security and is about to reconnect to their company’s corporate network, risking sensitive data being exposed to a cyber-attack.
Cyber criminals are well aware of this environment, and will target their cyber-attacks in areas that have become vulnerable. We saw this with the spike of phishing attacks themed around working from home at the beginning of the lockdown, and it will continue to evolve as workforces change their work practice once again as the lockdown eases and companies bring employees back into the office.
Computers used for remote working are likely to have confidential company data stored, have been shared with family members possibly visiting insecure websites or installing insecure software for example, with no guarantee that they have been patched and maintained over these recent months. The big question is: can these external devices be trusted back on to the corporate network?
Businesses need carry out risk assessments and put best practices in place before their networks are exposed. First, staff need to share where company data has been saved and under which accounts, work or private credentials. Was it a public cloud environment like Google drive, OneDrive or Dropbox? This all needs to be disclosed to minimize risk, ensure data is safe and GDPR compliance is maintained…
Source: The Staffing Stream