Cybersecurity: Half of employees admit they are cutting corners when working from home

Distractions while working from home, pressure to hit deadlines and using personal devices are all creating additional security risks for remote workers.
Written by Danny Palmer, Senior Writer

Half of employees are cutting corners with regards to cybersecurity while working from home – and could be putting their organisation at risk of cyberattacks or data breaches as a result.

The coronavirus pandemic has forced both employers and employees to quickly adjust to remote working – and, often without the watchful eyes of IT and information security teams, workers are taking more risks online and with data than they would at the office.

Analysis by researchers at cybersecurity company Tessian reveals that 52% of employees believe they can get away with riskier behaviour when working from home, such as sharing confidential files via email instead of more trusted mechanisms.

SEE: Cybersecurity: Let's get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)  

According to Tessian's The State of Data Loss Report, some of the top reasons employees aren't completely following the same safe data practices as usual include working from their own device, rather than a company issued one, as well as feeling as if they can take additional risks because they're not being watched by IT and security.

In some cases, employees aren't purposefully ignoring security practices, but distractions while working from home – such as childcare, room-mates and not having a desk set-up like they would at the office – are having an impact on how people operate.

Meanwhile, some employees say they're being forced to cut security corners because they're under pressure to get work done quickly.

Half of those surveyed said they've had to find workarounds for security policies in order to efficiently do the work they're required to do – suggesting that in some cases, security policies are too much of a barrier for employees working from home to adapt to.

However, by adopting workarounds employees could be putting their organisation at risk from cyberattacks, especially as hackers increasingly turn their attention to remote workers.

"People will cut corners on security best practices when working remotely and find workarounds if security policies disrupt their productivity in these new working conditions," said Tim Salder, CEO of Tessian.

"But, all it takes is one misdirected email, incorrectly stored data file, or weak password, before a business faces a severe data breach that results in the wrath of regulations and financial turmoil."

SEE: Coronavirus: Effective strategies and tools for remote work during a pandemic

While the surge in remote working is bringing additional challenges for both employees and employers, there are a number of simple steps that can be taken to boost security without impeding productivity. One of these is employing multi-factor authentication, providing an extra barrier to defence that helps stop cyber criminals gaining access to accounts – and potentially corporate data.

The UK's National Cyber Security Centre (NCSC) has previously shared security tips for working from home.


Editorial standards