Remote work has truly become the new normal. But it brings with it new cyberthreats and an urgent need for increased cybersecurity. Many data breaches are caused by employee mistakes – these five in particular. Read and learn.
Accessing Sensitive Data on Unsecured Wi-Fi Networks
Employees using unsecured public wi-fi to access their corporate accounts make it easy for nearby malicious actors to spy on their connection and steal confidential data. For instance, cybercriminals can easily intercept and steal unencrypted data sent in plain text. Employees should never use unknown Wi-Fi networks for work unless they’re using a VPN.
Using Personal Devices for Work
46% of home workers admit to transferring files between their work and personal computers. Many companies also operate a BYOD (Bring Your Own Device) policy, allowing employees to bring their personal devices to use at the office. But this fun-sounding approach could mean party time for hackers.
For instance, if someone suddenly leaves the company, they’ll probably still have confidential information stored on their device. Also not everyone bothers to keep the software up to date on their personal devices, and this can open up security holes. Timely application of software patches is vital – but a safer option is for every employee to have a company laptop and to avoid using personal devices for or at work.
Ignoring Basic Physical Security in Public Places
Some data breaches are embarrassingly low-tech: employees having sensitive phone calls in public, letting the entire clientele of Starbucks see their screens, or even leaving their devices unattended. Even if it seems obvious, companies need to run training on basic security measures. Anyone can have a lapse of common sense.
Using Weak Passwords
That one person whose password is P@ssw0rd could cost their company millions. All the VPNs, firewalls, and fancy security measures in the world won’t protect a remote network from weak passwords. Cybercriminals know it’s easier to second-guess Susan from Accounting than to crack the code of an advanced security solution, so they’ll try every obvious and semi-obvious password in the book. They actually pass around lists of frequently-used passwords.
Repeating passwords can also get you hacked. If someone cracks the password to one account, they’ll try to access other accounts with the same password. Employees who repeat passwords, and especially employees who use the same password for their personal and business accounts, risk opening company data up to criminals.
Unencrypted File Sharing
Companies may encrypt data that’s stored on the company network, but never think of encrypting data that’s in transit. Employees send so much private data around every day – including files and clients’ personal information – that if it’s intercepted, it could lead to theft, ransomware cyberattacks, identity fraud, and more.