Despite the widespread shift towards homeworking over the lockdown period, a significant number of businesses have admitted current cyber security policies are not fit for home-working.
Almost half (48%) of business decision makers have admitted that their existing cyber security policies are currently not suitable for maintaining a 100% remote working model.
This increased risk has led to nearly two thirds (65%) anticipating an increase in phishing and breach attempts, according to a new survey from Centrify, a provider of Identity-Centric privileged access management (PAM) solutions.
The survey, conducted by independent polling provider Censuswide on behalf of Centrify, polled 200 senior decision makers in large-and medium-sized businesses on how they are adapting to the impact of the Coronavirus outbreak.
In response to their own concern, three-quarters (75%) of those surveyed revealed that they have issued formal guidance or training to staff about how to operate securely whilst working from home. Similarly, 50% are planning to hire in new IT staff or security experts to improve security processes.
Furthermore, 59% of business decision makers said that outsourced IT and other third parties are being treated as an equal cyber security concern as 100% remote working employees. This closes an important potential security gap, especially given that IT personnel often have privileged administrative access to infrastructure and other critical resources.
“Acknowledging the security issues posed by remote working is essential during this difficult time,” said Andy Heather, VP of Centrify.
“Unfortunately, remote workers including third-party contractors have been deemed a desirable target by hackers and cyber criminals, who are assuming that these employees have not been properly trained in, or protected by, the correct security measures in their transition to remote working during the COVID-19 pandemic.
“However, it’s promising to see that so many businesses have adjusted security policies in response to this threat and are still considering bolstering security and IT staff.
“Fortunately, overhauling cyber security policy and procedure does not have to be overly strenuous or expensive – instead, it requires a cohesive effort from all colleagues and employees, strong password hygiene including the use of Multi-Factor Authentication, and an Identity-Centric privileged access management solution to protect company data from breaches.”