A new homeworking security report from CyberArk has surveyed 3000 remote office workers and IT professionals. It finds that increased homeworking, resulting from the 2020 pandemic, could be bad news for a company’s IT security posture.
It has uncovered several interesting statistics, such as:
- A huge problem with password reuse; 93% of respondents say they use the same password for business and personal use.
- 29% admitted allowing other members of their family to use corporate IT systems for personal use.
- 77% of remote employees are using potentially insecure personal devices to access corporate systems.
The information in this report shows a clear need for better security management for remote working.
Secure Homeworking is Possible
Many small businesses don’t realise that it is possible to centrally enforce security controls on corporate AND personal devices. You can gain control over what users can do on work devices and personal devices when accessing corporate applications and data. By using a combination of technologies, you can centrally control:
- Security policies on business issued devices. These include screen lock time out, disk encryption, removable devices and web surfing, to name but a few.
- How corporate applications are accessed on personal devices, known as Bring Your Own Device (BYOD). For example, you can allow access to corporate applications from personal mobile devices but mandate that certain security levels must first be met. For example, you can require a PIN to be configured on the device and check that it is not jailbroken (cracked) before allowing access.
- You can segregate personal and company data. Company data is given an additional layer of protection and stored separately from personal data. This allows company data to be wiped remotely from a personal device, without touching the user’s personal data, if the device is lost, or an employee leaves the organisation.
You can use Sophos, Microsoft Intune, or a combination of the two. This provides a holistic and robust solution that will ensure your company security requirements are enforced, regardless of where your users work or which devices they use.
It should also be said that educating your users on what is required of them from a cybersecurity point of view is more important now than ever.
Want to know more? Contact us or arrange a call.