Securing Employees' Digital Lives Amid Growing Online Risks

With many growing businesses assessing what a hybrid work model will look like for their company, it's important to keep your workforce's online habits safe and secure amid the evolving workplace.

LastPass by LogMeIn, the company of which I am president and CEO, recently released its annual Psychology of Passwords Report and found that despite 71% of people working wholly or partly remote and 70% spending more time online for personal entertainment during the pandemic, they were still exhibiting poor password behavior. And most data breaches – a staggering 85% – involve a human element, such as clicking a phishing link, according to the 2021 Data Breach Investigations Report (DBIR). Cybercriminals took note of this by increasingly targeting individuals and their devices. According to the DBIR, 36% of breaches last year involved phishing and the overall rate of data breaches involving ransomware also doubled, showcasing why the need for password security remains critical.

With an increased threat of hackers taking advantage of and exploiting human vulnerabilities, we're seeing the types of cyber-attacks have shifted, a major concern for businesses worldwide. While a lot has been done to promote the importance of proper password hygiene, we need to do more to educate our employees and customers about safe online practices. As we observe Cybersecurity Awareness Month this October, here is how businesses can better secure their workforce and counteract poor cybersecurity hygiene.

Treat personal and work credentials as equally confidential

As the time we spend online continues to increase, so does the need for stronger security measures – both at home and in the workplace. The recent Psychology of Passwords report found that 47% of respondents did not change their online security habits while working remotely and 44% even admitted to sharing sensitive information and passwords for professional accounts while working from home. It's no secret that people will pick and choose what information they think is worth protecting and, as a result, they knowingly engage in risky password behaviors. To help secure sensitive information, employees need to treat all their credentials as confidential. You might not think your local gym credentials are worth anything to hackers, but if those credentials are identical or even close to your bank account or work email logins, a breach at your gym could mean a breach of sensitive financial or confidential information.

Related: The Best Password Managers to Tighten Your Security

Motivate employees to adopt better habits

With almost half of employees engaging in risky behavior while working remotely, IT teams are now being tasked with rethinking their security strategies to reshape how their companies collaborate, communicate, and operate. It's imperative for these leaders to motivate their employees to adopt better online security practices. According to a recent study by IBM, data breaches cost companies an average of $4.24 million per incident. The study examined real-world data breaches from over 500 organizations and suggested that security incidents have become both more costly and harder to contain due to drastic operational shifts during the pandemic, with costs rising 10% when compared to the year before.

Related: 4 Cybersecurity Best Practices for Your Organization

While the presence of increased risk does not inherently motivate people to adopt better habits, investing in a password manager solution to improve overall password hygiene and security is a quick win. Companies can do this by implementing single sign-on (SSO) and multi-factor authentication (MFA) to secure all points of access, as well as providing security training to educate employees. Employers should motivate and educate employees about the real-world consequences of poor cybersecurity hygiene. The same way that physical office security is valued and expected, companies must now translate the importance of online work security.

Protect your increased digital footprint

Because we're spending more time online, our personal information can be easily exploited, especially on social media. Malicious actors scrape public profiles and can use seemingly harmless information, such as the locations you check into or the pet photos you post, to hack accounts outside of your social media. Additionally, if you're using your work computer on an unsecure network while working from home, this can put your employer at risk as well. The key to avoiding this exploitation is robust protection for both our personal and work information.

Regardless of where you find yourself on the flexible work spectrum, the importance of implementing safe and secure online habits for employees is only growing in importance – not only for the employees' personal security and protection, but also for the business' security and online protection.

Related: 7 Simple Business Security Tips From Her Majesty's Secret Service