MUMBAI: Work-from-home habits, including password re-use and letting family members use corporate devices, are putting critical business systems and sensitive data at risk, according to a survey by access management solutions provider CyberArk. It found that risks to corporate security go up when it comes to working parents.
The survey, which aimed to gauge the state of security in today’s expanded remote work environment, found that 77% of remote employees have been using unmanaged, insecure devices such as personal laptops and phones to access corporate systems. Over 66% of employees have adopted communication and collaboration tools like Zoom and Microsoft Teams, which have recently reported security vulnerabilities.
Since the covid-19 pandemic broke out, companies across sectors have enabled work-from-home measures for their employees. In many cases, particularly, for non-IT companies, the framework for access and device management was not created in the past and hence employees have been using multiple apps and tools to collaborate.
As working parents had to quickly and simultaneously transform into full-time teachers, caregivers and playmates, it’s no surprise safe cybersecurity practices aren’t always top of mind when it comes to working from home. It found that 93% respondents have reused passwords across applications and devices, 29% admitted that they allow other members of their household to use their corporate devices for activities like schoolwork, gaming and shopping while 37% insecurely save passwords in browsers on their corporate devices
While 94% of IT teams were confident of their ability to secure remote workforce, 40% were yet to enhance security protocols despite the significant change in the way employees connect to corporate systems and the addition of new productivity applications.
The rush to on-board new applications and services that enable remote work combined with insecure connections and dangerous security practices of employees has significantly widened the attack surface and security strategies need to be updated to match this new dynamic threat landscape. This is especially true when it comes to securing privileged credentials of remote workers, which if compromised could open the door to an organisation's most critical systems and resources.
"The security posture of organisations continues to be tested as many remote employees face daunting challenges balancing productivity and security across their professional and personal workspaces," said Marianne Budnik, CMO, CyberArk. "As more organisations extend work-from-home policies for the long term, it’s important to capture lessons learned from the initial phases of remote work and shape future cybersecurity strategies that don’t require employees to make tradeoffs that could put their company at risk.