MOST companies are now aware of how the pandemic has changed the world of work from 2020 and beyond. One of the main adjustments made was implementing work-from-home arrangements, with business leaders scrambling to adapt to workforce needs.
Prior to the pandemic, many businesses were focused on investing in on-premise network cybersecurity. Given the unexpected work disruptions caused by the pandemic, the cybersecurity of employees' respective home networks was not immediately considered. A study conducted by Tanium, an IT endpoint management and security services provider, found 96 percent of leaders admitting that they were unprepared for the challenges posed by home network security.
As I write this article, my work laptop is connected to my home network, to which at least eight more devices are also connected. The others are used by my wife and kids and not a single device necessarily complies with our company's security policy. Since I am knowledgeable on security best practices, I have configured our home network to be as secure as possible. This helps us avoid and prevent any malware from infecting our devices.
Unfortunately, not a lot of employees in work-from-home setups are aware of how to effectively secure their home networks.
Vulnerable at home
The typical homeowner will not be overly concerned about home network security - most will settle for the basic internet package provided by their chosen telco. This leads to employees using home networks that do not possess the sophisticated cyber protection most companies put in place in the office.
Some of the hazards that can contribute to being vulnerable to cyberthreats include using a router's default password or not using a password at all. Another potential hazard includes devices used by employees that do not have proper cyber protection and even home computers used by family members that have poor or outdated malware scanners. Moreover, not all household members are properly trained to avoid or block malware or phishing attacks.
The lack of proper training and awareness among home network users compromises work devices connected to that network. Since work devices store highly sensitive and confidential data, companies must implement foolproof measures to help combat cyberthreats from employees' homes.
Vigilance and home networks
Businesses must reiterate the importance of home network security to employees. Security must be everyone's responsibility and concern. All employees should have the same resources and training needed to identify potential threats. Since a company's people are its number one defense against cybersecurity, investing in proper cybersecurity training systems should be considered.
Another way to ensure home network security is to raise awareness on best practices, which include securing home Wi-Fi with strong passwords, installing antivirus programs on personal devices, and cascading crucial cybersecurity information to family members.
Companies can also conduct cyberattack simulations and use available tools to monitor training compliance. Our firm uses a cybersecurity solution called Vigil@nt, which provides a cybersecurity training platform that combines learning modules, phishing simulations and progress monitoring tools to get an overview of cybersecurity awareness among employees. Investing in cybersecurity platforms can help business leaders gain assurance and security with regard to safeguarding crucial client information, a nonnegotiable in today's home-based workforce.
To motivate employees, training sessions must be conducted frequently and these should relate to their experiences with the current work setup. Additionally, the importance of ensuring cybersecurity must be imbued in the workforce to instill a sense of urgency.
In summary, companies must prioritize training to fend off cyberattacks from home, invest in relevant cybersecurity platforms appropriate to their needs and practice vigilance in monitoring work devices connected to a home network. As cybercriminals become keener and cyberattack schemes become more sophisticated, companies should take all available measures to prevent sensitive data from being compromised.
Cybersecurity is a worthy investment in a world that is becoming increasingly digital and businesses must follow suit to not get left behind.
As published in The Manila Times, dated 09 June 2021