According to a recent Kaspersky report, How COVID-19 changed the way people work, three-in-four (73%) employees working from home have not yet received any specific cybersecurity awareness guidance or training designed to keep themselves secure from risks. While it can be more difficult to control the security of corporate IT and data remotely, threats still remain. For example, one-in-four (27%) employees say they have received phishing emails related to COVID-19. To avoid such risks, it is important for organizations to educate staff about cybersecurity.
While employees take on the massive shift of working from home, it is important for businesses to ensure their staff can work as they usually would. Keeping employees protected becomes a challenging task, as it takes a lot of resources to enable secure access to services staff regularly need to carry out their jobs well. Establishing effective cybersecurity measures is therefore critical, as remote working may also bring new risks such as increased spam and phishing attacks, connecting to compromised WiFi spots, or the use of shadow IT by employees.
However, a survey of 6,000 workers around the world has shown that employers may not be explaining to their employees how to avoid becoming victims of these risks. At least 73% of respondents said they were not provided with cybersecurity awareness training when they started working remotely. Additionally, more than a quarter (27%) of surveyed employees have already received, for example, phishing emails on the topic of COVID-19. Accidental downloading of malicious content from such an email can lead to devices being infected and business data being compromised. Many employees have also increased the use of online services for work that were not approved by their IT departments, known as shadow IT, such as video conferencing (70%), instant messengers (60%) or file storage services (53%).
“It is hard to keep things ‘business as usual’ when everything needs to change so dramatically. While employees are trying to get along with the new reality of working from home, IT and cybersecurity teams are under pressure to enable them to continue working safely. Cyber-incidents can only add difficulties to this challenge, so it is important to remain vigilant and make sure remote working is also secure working,” comments Andrey Dankevich, Senior Product Marketing Manager at Kaspersky.
Kaspersky advises the following recommendations to help businesses enable secure remote working for their employees: