Since the onset of the pandemic, convenience, or even in some cases obligation, has led us to work remotely. This paradigm shift in the way we deal with our day-to-day lives brings with it, however, an unwanted element: the insecurity of teleworking. A problem regarding the confidentiality of the processes and data we handle.
From now on, from home
What was considered almost an eccentricity before March of last year is now the daily routine of many companies. And although most businesses advocate rescuing the traditional work formula, the truth is that this new method, which allows a better work-life balance, seems to be here to stay. At least partially.
In Spain alone, 43% of workers prefer to spend their working day at home. This figure rises to 84% if we talk about partial teleworking (2 or 3 days a week). All this reflects the fact that a trend is setting in that, sooner or later, will have to be faced.
The benefits for workers are obvious: beyond the improvement in work-life balance, the savings in expenses such as travel or, in some cases, food, make the scales tip in favor of remote work. There are also benefits for companies. They could consider smaller sites and even notice a positive impact on their accounts thanks to lower bills such as electricity or some consumables. Even the environment is grateful for teleworking. Fewer employees on the road means fewer tons of CO2 released into the atmosphere as a result of travel that is no longer necessary.
Teleworking insecurity is increasing. Photo: Tima.
The problem? The insecurity of teleworking
Of course, it can’t all be advantages and here too there is one problem that stands out above all others. At a time when information protection is more important than ever, remote working has come to challenge the security systems of many companies. Thus, the insecurity of teleworking comes from aspects that businesses cannot control because they are now almost exclusively in the hands of employees.
From the use of unsecured passwords to the use of unprotected connections, working from home requires additional effort to ensure the confidentiality of processes and the information that depends on them. In addition, there are other aspects that require attention, such as the fact that the company’s equipment is used by other members of the family in 29% of the cases. That the use of platforms such as Zoom or Teams (used for virtual meetings) have suffered several attacks in the last year. Or that up to 77% of the devices used by workers do not have sufficient security to access their companies’ corporate systems.
SMEs in the spotlight
We have already drawn some conclusions from the above. But focusing on small and medium-sized companies will help us to complete the puzzle in our head.
It is obvious that large corporations are the most adapted and protected since they have exclusive departments dedicated to protection tasks. But what about SMEs?
In the past year alone, 40% of small and medium-sized companies on the European continent have been the target of cyber-attacks. And the figure is not trivial. Year after year, this type of attack increases exponentially, compromising the security and information of the companies that are least prepared to deal with it. And the attack almost always comes from the weakest side of the protection chain: the worker. And if, as we have already mentioned, the insecurity of teleworking lies mainly in the independence of the employee with respect to the more controlled environment that may have in the office, we are facing the perfect breeding ground for our information can be hijacked by third parties for an illicit use of it.
Better safe than sorry
For all these reasons, the insecurity of teleworking deserves special attention. Especially if it is to be implemented as a hybrid model in most companies. We must make an exploration of what can go wrong. We must monitor the weak points and attack the flanks where aggression could occur. All this is of vital importance to save us the costs and problems derived from a cyber-attack.
Tools such as pentesting, for example, which looks for vulnerabilities in systems to prevent future attacks, become essential in order to protect companies’ most valuable resources.
The insecurity of teleworking does not have to be a black hole through which everything is lost. It can also be an opportunity to improve our business protection approaches. A way to adapt to the changes that are taking place and with which, sooner or later, we will have to deal.
