New ways of working mean new security problems

24 August 2020

UK business decision-makers say that since the start of the Covid-19 outbreak, they have seen an increase in the number of staff members dismissed because of a breach of company cybersecurity policy, according to new research from Centrify.

The survey of 200 businesses also revealed that almost two-thirds (65%) of companies have made substantial changes to their cybersecurity policy in response to the pandemic and the great increase in remote working.

More than half (58%) said that employees are more likely to try and circumvent company security practices when working from home which seems to indicate security flaws in the remote-working model.

As a result, companies have begun introducing biometric data checks, such as fingerprint and facial recognition technology and other multi-factor authentication steps, before allowing access to certain applications, files and accounts.

Furthermore, more than half (55%) of businesses have already formally banned staff from using personal devices to work from home, or plan to do so.

Centrify VP Andy Heather said: “With more people than ever working from home and left to their own devices, it’s inevitable that some will find security workarounds, such as using personal laptops and not changing passwords, in order to maximise productivity.”

It is also possible, he went on, that the changes in security procedures are not being communicated well to employees with many practising unsafe internet usage without even realising that they are doing so.

Given that the weakest link in any organisation’s security continues to be the human element, Mr Heather said that they must implement strict and transparent, cloud-enabled and identity-centric security solutions.

“This will allow companies to quickly and safely deploy scalable security privileged access management measures, which make it impossible for an employee to access company networks, applications and data, unless they are following correct procedures,” he concluded.

Comment by BrightHR Chief Technological Officer Alastair Brown

Although working from home has many perks, especially during a pandemic, these findings emphasise the need for employers to enforce security safety measures as they would do if staff were in the office because a cybersecurity breach could result in major system issues that significantly impact upon company output and productivity.

Although, it may be that employers are finding it more difficult to enforce these measures with staff working from home and may now, therefore, be considering returning staff to the office sooner than anticipated — especially as Government advice has given them the discretion to do so.