The COVID-19 pandemic has forced many companies to transition their employees to working from home. This has significantly impacted the network security of these companies in ways they may never had considered just one year ago.
Larger, enterprise companies were better positioned to support a remote workforce than smaller companies because they generally have larger IT staffs and already have sophisticated security measures in place. They have the resources to properly educate their remote workforce with the proper guidance for setting up their home office environment and securing the company’s assets.
Smaller companies, however, were at a disadvantage because, as a rule, they were not prepared with hardware, equipment, or processes to provide for their employees to work from home. These processes include antivirus and malware protection, security updates to operating systems and productivity software, and proper security settings on internet access devices.
Many companies have employees who are working from home that share the same computer and internet access for the entire house. This means sharing the work computer with students working from home, spouses surfing the web, phone accessing apps. The members of each household might not understand the security implications of their behaviors on the company.
Viewed another way, the company IT department does not have visibility into the behaviors of the members of each employee’s household, behaviors that could expose the company assets and internal systems to cyberattacks and fraud.
Fraud – both internal and external – is a potential problem for every company, large or small. Exposing any company to fraud or attack is dangerous. However, most large companies can recover from fraud better and faster than small companies, as smaller companies often have limited IT resources, limited help desk capabilities, and less companywide security awareness training.
Then there is the cost of fraud in dollars. A quarter-million-dollar loss can completely wipe out a smaller company, while the larger companies can usually survive such a financial loss, even though both are equally exposed to risk.
In the end, the security chain is only as strong as its weakest link. It takes one weak link to break down the chain from a security perspective. It is one thing to provide remote access to employees working from home, but the challenge for all companies is to educate the remote staff to ensure the security of the data, the devices, and the network connections these employees use in to access company resources.
Download this eBook by IIA and Fastpath to review the steps you and your company can put in place to ensure application and user security is not compromised with a remote workforce.