Coronavirus: Remote working 'could put data at risk'

Nearly three-quarters of business decision makers (71%) believe that the shift to 100% remote working during the COVID-19 crisis has increased the likelihood of a cyber breach, according to new data released by cyber security company Centrify, a leading provider of identity-centric privileged access management solutions.

The data, obtained via a poll of 200 senior business decision-makers in large- and medium-sized UK companies conducted by independent polling company Censuswide on behalf of Centrify, also revealed that 46% have already noted an increase in phishing attacks since implementing a policy of widespread remote working. The polling took place on March 26-27, as the UK government announced much stricter lockdown policies to tackle the Coronavirus, including urging all employees to work from home where possible.

The research also found that 79% of business decision makers have increased their cyber security procedures to manage high volumes of remote access over the next three months. Similarly, 73% of businesses have given staff extra training on how to remain cyber-safe when working remotely, with specific training around verifying passwords and log-in credentials.

The survey also noted additional fears that IT systems are at risk, with over half saying they believe that privileged IT admin remote access is at risk of security breach.

Andy Heather, VP, Centrify commented: “Cyber criminals will no doubt attempt to seize the opportunity presented by the all-out expansion of remote workers, many of whom have not been proficiently trained in even the most basic of cyber security measures. Therefore, it is essential that businesses and employees remain vigilant during these challenging times.

“Organisations of all sizes must prioritise security protocols when transitioning employees from an office to a remote working environment. This includes introducing professional training for all employees on how to operate IT and online infrastructure safely, and how to spot unusual or potentially malicious activity. Furthermore, businesses should take an Identity-centric approach to secure remote privileged access, to ensure that any hackers and cyber criminals cannot gain access to sensitive systems or data.”

Donal Blaney, MD, Griffin Law, a cyber security specialist legal firm commented: “Ignorance of the law is no defence, even with remote working. Company directors and business owners owe it to themselves, their staff, their shareholders, and their customers to know how to protect their businesses and their customers’ data. They will only have themselves to blame if they have ineffective defences. Ensure your systems are secure, train your staff, keep anti-virus programmes, hardware and software current, and clarify the method with which you connect with customers securely.”