Bad password habits + remote working = cyber risks for your business

A new survey has found that remote working has increased the number of cybersecurity risks through bad habits, including children using work devices and poor passwords.


Whilst the adoption of businesses using the cloud during the coronavirus pandemic in the last 12 months has increased. We need to make sure that this transition is secure for staff and businesses alike.

This YouGov survey included 2,000 UK employees on behalf of Scottish information technology and cloud computing company Iomart. The survey highlights the cybersecurity risks that can come from seemingly innocuous everyday behaviours in the home.


Statistics on the use of passwords and devices at home

74% of respondents said that they don’t use different passwords


Do your staff using strong enough passwords?

74% of respondents said that they don’t use different passwords for different accounts, showing that only 20% of respondents used different passwords for all accounts they use.


The survey found that as we’ve all spent more time at home over the last 12 month, 25% of people are allowing their children to use their work devices. With 17% allowing children to use their work device for homeschooling and 7% to socialise with their friends (including online gaming).


It’s clear to see that many of us have been forced to blur the lines between our time whilst working from home, and many of us have blurred the line in using work devices for personal use.

The rapid adoption of remote working practices during lockdown has meant that new challenges have been created, we all need to ensure we are thinking of our long-term security should this remote working continue in the future.


Business leaders need to review their device security and consider introducing stronger cyber security policies for staff to follow.


The National Cyber Security Centre recommends that you set up new accounts and accesses so your staff can work safely. They should set up strong passwords and implement two-factor authentication if available.

Don’t forget to prepare and educate your staff from email scams, there has been an increase in hackers preying on the fears of the Covid-19 vaccine and the impersonation of senior staff members.

Make sure your staff are aware of 'phishing' emails that try and trick users into clicking on malicious links. If these emails are clicked, the user is sent to a website that could download malware onto their computer, or steal account information and passwords.


Check out this short video on some top tips that can help you from falling victim to Phishing attacks:



You should also consider a fully patched VPN (Virtual Private Network) for users to safely access files and emails. VPNs create an encrypted network connection that authenticates devices and encrypts data in transit between the user and your services.

The quickest and easiest way you can improve your cyber security knowledge is to sign up for our membership. We'll work with you to strengthen your knowledge and resilience to online crime and cyber attacks with guidance like the above.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.