Companies have not done enough to prevent heightened security risk in light of remote working, according to Lynx Software. In fact, 36% have been, or know someone who has been, impacted by a cybersecurity attack since the start of COVID-19.
Lynx’s survey findings of 1,000 working Americans indicates that 69% of respondents are more concerned about cybersecurity risks during COVID-19 than they were before the pandemic – as perimeter-based security is no longer possible so device infrastructure becomes even more vulnerable.
Worryingly, 49% of respondents said their organization’s cybersecurity has strengthened since the start of the pandemic. Employees are mostly concerned about how this could impact their data privacy as 54% of respondents indicated that the biggest cybersecurity concern they have is their personal data being compromised.
Employee IT behavior is leaving many companies exposed to heightened cybersecurity risks during the pandemic. While working remotely:
- 76% of respondents use a personal device for work at least sometimes
- 75% use cloud based services to store and edit their documents
- 60% use a USB to move work files
- 22% are not sure if they are able to switch off their work VPN and 22% know they aren’t able to
- 65% indicated that their company allows them to use their work computer for accessing personal services
Since they started working remotely, many respondents said their company has not doubled down sufficiently on strengthening security policies and measures:
- 60% say their company has not prohibited the use of certain apps and tools that do not meet high security standards
- 58% say their company has not implemented antivirus software
- 48% are not aware of their company implementing strict IT security policies
“Organizations of all types need to prioritize finding ways to secure end-points for their employees’ devices, whether they are on laptops, edge servers or anything between, especially in the remote, zero trust environment we are living in. For IT teams this doesn’t have to mean prohibitive costs or compromising performance,” said Arun Subbarao, VP of engineering and technology at Lynx Software.
The survey illustrated that not all employees are aware of the additional cybersecurity risks they are exposed to since working remotely or what to do in a threatening situation. While 95% of respondents agreed that it is important that they feel like their work laptop is secure, 3 in ten were not aware that company devices used outside of the workplace are at greater risk for cyber threats.
In addition, over half indicated that they would not be able to recognize if their work device had been hacked, and three in ten would not know what actions to take if they sense their device has been attacked.
The fight to protect organizations from risks in zero trust environments and educate employees on cybersecurity policies and protocols is far from over. Once vaccinations have been more widely rolled out and office returns get underway, 70% of people surveyed still expect to be working from home for some period of the work week, making cybersecurity a priority for IT teams beyond the pandemic.
Survey respondents shared their perspective on what steps companies can start with:
- 51% say that organizations can make them more aware of the actions they are taking against cybersecurity risks by sharing policies
- 50% would like training sessions
- 44% would appreciate weekly newsletter updates on cybersecurity efforts