How Working From Home Makes Businesses Easy Targets for Cybercriminals Weak wifi passwords, shared laptops, lack of firewalls and patchy use of VPNs are all pathways to system sabotage.

By Rajiv Das

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

alexsl | Getty Images

Imagine if a bank had a million dollars in its vault, and then one day its employees each took a share of the stash home for safekeeping.

That's a little like what's happened with companies' data and communications since the COVID-19 pandemic arrived. In the space of weeks, whole workforces transitioned from the office to their homes, straining the capacity of companies' digital infrastructure and posing a major test of their cybersecurity readiness.

Related: How Safe Is Your Data While Working Remotely?

Six plus months later, many enterprises are still playing catch-up with the security risks created by the new normal of working from home. Weak or no home wifi passwords, laptops shared among family members, a lack of firewalls, and patchy use of VPNs, executing critical business transactions: these are some of the nightmares for IT security professionals. And there's been plenty of evidence that a sense of urgency is justified.

Feeding off the pandemic

Cybercriminals have seized on the opportunity, stepping up their efforts to infiltrate company systems, prey on the vulnerable at home, and obtain sensitive data. In a survey conducted by VMWare, 91 percent of global respondents reported a rise in cyber attacks since the pandemic started.

The number of denial of service attacks tripled in the second quarter, according to a security report, as bad actors exploited the greater vulnerability of home networks. Ransomware and malware attacks are also on the rise, including high-profile incidents at Garmin and Carnival Cruises. It should be noted that most of the incidents are not reported and a ransom is often paid before business impacts are realized.

With remote work looking set to outlast the pandemic, businesses are being forced to change the way they think about cybersecurity. Although the importance of cybersecurity has been rising for years, it was still treated by many companies as something of an after-thought that only came to the fore when something bad happened.

Related: A Business Leader's Beginner Guide to Cybersecurity

Now, companies in all sectors have to start treating cybersecurity as part of their organizational DNA and as an essential building block of the ecosystems that connect them with their customers and third-party partners. The posture is changing from being reactive to predictive. Threat monitoring is becoming a primary goal for most cyber-savvy organizations when it comes to reducing business risk.

Stronger security is a must

Companies have woken up to the need to have a robust business continuity plan after many were caught off guard by the sudden, unanticipated arrival of the coronavirus. Even many who did have an emergency plan in place found it was inadequate, either because a pandemic wasn't one of the scenarios or because they hadn't tested the plan recently.

A business continuity plan can start off as something very simple, but it isn't a plan if it isn't tested regularly, ideally every 90 days, under different scenarios.

Corporate demand for collaborative platforms with built-in security has surged since lockdowns began. Companies are realizing that they need a back-up platform to give workers multiple collaboration channels and to ease the network strains caused by remote working.

The pandemic has accelerated the move to cloud-based platforms, which have eased security concerns by developing better methods to safeguard data. The shift to remote work from home has raised the question of who will be on-site to maintain office-based data centers and applications. Companies can also leverage the ability of cloud companies to support their business operations.

Remote workers need backup

To be successful, these changes require greater security awareness from top to bottom within organizations. Companies also need to take responsibility for providing home-based workers with the resources, protocols, and security education they need.

Related: The Real Cost of a Data Breach for Your Brand (and How to Best Protect Yourself)

In simple terms, they should be both expanding the pipes used by home workers and being proactive about making sure those pipes are secure. Some of these responsibilities will be shared between organizations, employees, and service providers. But the primary responsibility will fall on the data owners.

Companies should be prepared to cover the cost of the extra bandwidth home-based employees need for their jobs. On top of that, they should ensure that home workers have a secure network, a firewall, and are always using a VPN when connecting to company systems.

Having those elements in place, as well as ensuring workers are well educated about the various types of attacks they could be exposed to, will go a long way toward reducing security risks.

Rajiv Das

Principal on cybersecurity team

Rajiv Das is a principal in Plante Moran's cybersecurity group specializing in IT strategy and governance, business analytics, cybersecurity strategy and operations, and risk management services. His work helps leadership teams align IT with overall business goals. 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Related Topics

Starting a Business

This Retiree's Leisurely Side Hustle Makes $66,000 a Year and, 'You Don't Even Need to Go to High School to Do It'

Barbara Hill wanted a flexible, part-time job that would transition well into retirement. Now she mentors younger people who are making over $200,000 a year. Here's her insider's guide to getting started.

Business News

Who Owns The Rights to Your AI-Generated Content? Not, It's Not You. Uncover The Scary Truth That Puts AI Users At Risk.

The realization that copyright laws do not protect AI-generated material might come as a shock to many.

Business News

HP Wants You to 'Never Own A Printer Again,' Launches Rental Subscription

In February, HP's CEO Enrique Lores stated that making printing a subscription service was the company's "long-term objective."

Business Ideas

How to Start a Travel Service

With diverse options like corporate travel, niche travel and franchising, there are a number of ways you can put your love of travel to work.

Business News

Jeff Bezos, Microsoft, and Nvidia All Decided To Invest in a $2.6 Billion Humanoid Robot Startup

Robotics startup Figure AI wants to help industries "where labor shortages are the most severe."

Business News

IKEA Price Increases Are Going Viral — Here's How Much Your Favorite Couch Costs Now: 'Inflation Is Crazy'

A video with a customer complaining about "inflation" and "corporate greed" has racked up over 1.3 million views on TikTok.