Get All Access for $5/mo

How Working From Home Makes Businesses Easy Targets for Cybercriminals Weak wifi passwords, shared laptops, lack of firewalls and patchy use of VPNs are all pathways to system sabotage.

By Rajiv Das Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

alexsl | Getty Images

Imagine if a bank had a million dollars in its vault, and then one day its employees each took a share of the stash home for safekeeping.

That's a little like what's happened with companies' data and communications since the COVID-19 pandemic arrived. In the space of weeks, whole workforces transitioned from the office to their homes, straining the capacity of companies' digital infrastructure and posing a major test of their cybersecurity readiness.

Related: How Safe Is Your Data While Working Remotely?

Six plus months later, many enterprises are still playing catch-up with the security risks created by the new normal of working from home. Weak or no home wifi passwords, laptops shared among family members, a lack of firewalls, and patchy use of VPNs, executing critical business transactions: these are some of the nightmares for IT security professionals. And there's been plenty of evidence that a sense of urgency is justified.

Feeding off the pandemic

Cybercriminals have seized on the opportunity, stepping up their efforts to infiltrate company systems, prey on the vulnerable at home, and obtain sensitive data. In a survey conducted by VMWare, 91 percent of global respondents reported a rise in cyber attacks since the pandemic started.

The number of denial of service attacks tripled in the second quarter, according to a security report, as bad actors exploited the greater vulnerability of home networks. Ransomware and malware attacks are also on the rise, including high-profile incidents at Garmin and Carnival Cruises. It should be noted that most of the incidents are not reported and a ransom is often paid before business impacts are realized.

With remote work looking set to outlast the pandemic, businesses are being forced to change the way they think about cybersecurity. Although the importance of cybersecurity has been rising for years, it was still treated by many companies as something of an after-thought that only came to the fore when something bad happened.

Related: A Business Leader's Beginner Guide to Cybersecurity

Now, companies in all sectors have to start treating cybersecurity as part of their organizational DNA and as an essential building block of the ecosystems that connect them with their customers and third-party partners. The posture is changing from being reactive to predictive. Threat monitoring is becoming a primary goal for most cyber-savvy organizations when it comes to reducing business risk.

Stronger security is a must

Companies have woken up to the need to have a robust business continuity plan after many were caught off guard by the sudden, unanticipated arrival of the coronavirus. Even many who did have an emergency plan in place found it was inadequate, either because a pandemic wasn't one of the scenarios or because they hadn't tested the plan recently.

A business continuity plan can start off as something very simple, but it isn't a plan if it isn't tested regularly, ideally every 90 days, under different scenarios.

Corporate demand for collaborative platforms with built-in security has surged since lockdowns began. Companies are realizing that they need a back-up platform to give workers multiple collaboration channels and to ease the network strains caused by remote working.

The pandemic has accelerated the move to cloud-based platforms, which have eased security concerns by developing better methods to safeguard data. The shift to remote work from home has raised the question of who will be on-site to maintain office-based data centers and applications. Companies can also leverage the ability of cloud companies to support their business operations.

Remote workers need backup

To be successful, these changes require greater security awareness from top to bottom within organizations. Companies also need to take responsibility for providing home-based workers with the resources, protocols, and security education they need.

Related: The Real Cost of a Data Breach for Your Brand (and How to Best Protect Yourself)

In simple terms, they should be both expanding the pipes used by home workers and being proactive about making sure those pipes are secure. Some of these responsibilities will be shared between organizations, employees, and service providers. But the primary responsibility will fall on the data owners.

Companies should be prepared to cover the cost of the extra bandwidth home-based employees need for their jobs. On top of that, they should ensure that home workers have a secure network, a firewall, and are always using a VPN when connecting to company systems.

Having those elements in place, as well as ensuring workers are well educated about the various types of attacks they could be exposed to, will go a long way toward reducing security risks.

Rajiv Das

Principal on cybersecurity team

Rajiv Das is a principal in Plante Moran's cybersecurity group specializing in IT strategy and governance, business analytics, cybersecurity strategy and operations, and risk management services. His work helps leadership teams align IT with overall business goals. 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Side Hustle

'Hustling Every Day': These Friends Started a Side Hustle With $2,500 Each — It 'Snowballed' to Over $500,000 and Became a Multimillion-Dollar Brand

Paris Emily Nicholson and Saskia Teje Jenkins had a 2020 brainstorm session that led to a lucrative business.

Business News

'I'm Not Trying to Land on Mars': Mark Cuban Takes Dig at Elon Musk to Explain Why His Online Pharmacy Isn't Trying to Make More Money

Mark Cuban Cost Plus Drug Co. is an online pharmacy co-founded by Cuban and radiologist Alex Oshmyansky.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

'It's Not About You': How to Fire Someone Effectively, According to Kevin O'Leary

O'Leary says that if you can't fire someone, you aren't the right leader for the organization.

Business News

Meta Makes $1 Million Dollar Donation to Donald Trump's Inaugural Fund

Meta CEO Mark Zuckerberg also reportedly gave Trump a pair of Ray-Ban Meta smart glasses.

Marketing

Your Most Powerful Marketing Weapon Is Hiding in the Finance Department — Here's Why

Transform your marketing leadership by turning finance from a barrier into a strategic ally. Learn how aligning with your finance team can drive unprecedented growth and innovation.