Bryan Robinson
After the cyber attack on Colonial Pipeline and other businesses, lawmakers urge companies to toughen their cyber defenses. Many smaller businesses, remote workers and ordinary consumers lack a two-factor authentication for appropriate protection, according to a new study. Since 71% of the American workforce has gone remote, protection from cyber warfare is essential.
VPNoverview surveyed over 1,000 full-time remote employees about their cyber security requirements for work, who’s paying for them, how seriously they take online security and whether or not they’ve experienced a cybersecurity threat. The results showed that as many workers moved from corporate offices to home offices during the pandemic, cybersecurity ultimately became more lax. Two in five remote employees experienced data breaches during the pandemic. Larger companies tended to be more likely to require certain security measures. The use of two-factor authentication and VPNs (Virtual Private Networks), for instance, increased proportionately with company size. That said, 43% of cybersecurity threats globally target small businesses, as they are often unable to utilize as many defensive resources as larger companies.
VPNoverview Study Highlights
Businesses with under 50 employees reported relying most often on secure Wi-Fi networks (48.3%) and antivirus software (48.3%).
14% of remote employees weren’t supplied with any tech from their company for working from home, and 21% pay for work cybersecurity, totaling $111.30 monthly on average
Employees were less likely to use secure Wi-Fi (54%) or antivirus software (48%) during the pandemic compared to pre-pandemic (58%, 51%). VPNs are seeing a slight increase in usage since the pandemic (48% now versus 44% pre-pandemic)
Nearly 20% of remote employees don’t think their personal cybersecurity has improved during the pandemic
32% of remote employees have been targeted by a phishing/cybersecurity attack more than once. Over two in five remote employees have experienced data breaches and/or related repercussions after experiencing a cybersecurity attack.
89.4% of remote employees reported taking their work cybersecurity seriously.
48.3% of remote employees had been the target of a phishing/cybersecurity attack at least once. Over 40% of these remote employees experienced data breaches and/or related repercussions as a result.
Overall, remote employees felt they take their work cybersecurity more seriously than their employers.
"I think the main implication of this study is more so on the company-front,” said Aditya Sachdeva, project manager on behalf of VPNoverview.com. “We saw that a lot of small companies don't have any/as many formal cybersecurity practices for their employees to follow as larger companies. Even more so, when exposed to threats, many small companies don't defend against them (27.4% don't do anything when they are exposed to a cybersecurity risk). So while they probably have lesser data to protect than larger companies, they still are fairly exposed to be victims of cyber attacks. Nine in 10 remote employees said they knew proper protocol when faced with a cybersecurity attack, so it’s critical that they monitor potential threats on a regular basis.”
How To Protect Your Data
What’s not as clear is what remote workers and consumers can do to ensure their data stays private. Dr. Don Vaughn, head of product at Invisibly, an online platform enabling people to take back control of their personal information, offers the following tips on how you can keep your data private:
Get a VPN. In some cases, people and companies can spy on what websites you’re visiting, where you’re located, and your computer’s identification number. You can stop them by using a VPN (virtual private network) from such networks as ExpressVPN or Norton Secure VPN. which protects your information and makes it look like you’re browsing using a computer somewhere else.
Use a private search engine. Google makes money by tracking you, collecting as much information as possible on you, and then sells your attention using ads based on that. But you can still get great search results without being tracked and targeted by using a private search engine. We recommend using DuckDuckGo.
Tune up your privacy settings. You leave a data trail every time you use products like Facebook and Google. Most companies let you choose what should or should not be shared and others even let you choose what data should be deleted. You can manage your privacy settings through your Facebook settings page. From the settings page, if you click on “privacy,” you can limit who can find you via your phone number and email address and whether or not your profile shows up on search engines. Additionally, you can stop sharing your location with Facebook in your phone’s settings. On Google, you can delete your activity on some associated Google apps by following these instructions.
Have a Backup ”Public” Email or Unsubscribe From Unwanted Emails. When you provide your email address to a company or service online, many times you end up being bombarded with marketing emails and spam. While many services offer an opt-out checkbox for marketing emails, it's easy to forget to do this every time we enter our email online. Somewhere at the bottom of most marketing emails you have the ability to unsubscribe and stop receiving them. If you don’t want to deal with this, we suggest having a separate email address to use publicly on the web and keeping a more personal email address for private use. If you use a bulk unsubscribe email service, make sure you are using a safe service. Some free services could collect and sell your data. If you are willing to pay for such a service, Clean Email is safe and does not sell their user’s data.
Check Permissions. Most apps and browser extensions have a list of permissions that you sign off on when you start using that service. Sometimes, permissions are required for a service to work (e.g. A GPS or Maps app needs to access your location data to work). By double checking the permissions an app has access to, you could be stopping an app from accessing certain data it doesn’t have to access. Similarly, if you have smart speakers at home such as a Google Home or Amazon Alexa, you can control if they store any of your audio recordings and if they send them to their server. You can also control other privacy settings and permissions with these devices. Check out privacy control for Amazon Alexa here and for Google home here.
“A large number of remote employees haven’t been provided cybersecurity requirements from their employer, so it’s important that they discuss this with their employer to see if they can be reimbursed for security features using a remote work stipend in a lump-sum allowance or on a monthly basis,” Sachdeva explains. “If this isn’t an option, it’s still important for remote employees to have measures in place, as cybersecurity attacks can impact personal data during working hours."
No comments:
Post a Comment