Specops study reveals biggest remote working cyber security concerns

Most employees that have some kind of digital aspect present within their duties are now practicing remote working due to government guidelines amidst the coronavirus pandemic, and fresh cyber security concerns have risen as a result.

This apprehension among senior company staff is further evidenced by the finding by Specops that 300,000 Google searches relating to cyber security were activated throughout the previous month.

Senior staff from 14 different sectors, 100 from each, were asked to pick one of six security factors that they thought were their biggest concern.

Reduced password and passcode security

The most frequently cited factor among senior staff was reduced password and passcode security. This was predominantly chosen by the computer and IT, travel and hospitality, charity and voluntary work, and media and internet sectors.

Out of the 400 senior staff members surveyed from these sectors, 76% expressed particular worry towards password attacks.

Employees working from home often lack the security that company networks have, which increases the risk of personal and work-related data being hacked.

Additionally, Specops have found an increase in phishing, malware and password spraying since COVID-19 began to take hold.

“This makes it more important than ever that a “unique” password, or even better a passphrase, and where possible 2FA or MFA, should be used,” said Darren James, product specialist and security expert at Specops Software. “Anyone working from home that is known to be using a compromised password should be encouraged to change it as soon as possible.

“Users also face genuine problems with password expiry and notification of password expiry (especially with their corporate AD accounts). The native tools don’t really give the admin a lot of options, so a user’s risk of being locked out of their accounts for an extended period of time is much greater than in the past.”

Inadequate backup and recovery

The second most common cyber security concern, inadequate backup and recovery of data was identified by the medical and health, education and training, and creative arts and design sectors.

Healthcare professionals in particular are bound to be concerned about data security, given the sensitive nature of the patient information in their systems.

Waste no time and backup your systems this World Backup Day

Information Age spoke to five experts on World Backup Day to establish their most important advice to businesses who take backup seriously. Read here

Getting workers to follow protocols

The customer service and business, consulting and management sectors said that their biggest concern involved ensuring that employees adhered to cyber security protocols.

A coherent cyber security protocol is vital for businesses in order to avoid miscommunication. According to Raconteur, this should include remote-working access management, the use of personal devices, and updated data privacy considerations for employee access.

Tracking and managing assets

Security concerns regarding tracking and managing assets while remote working were felt across the law and accountancy, banking and finance sectors.

Revenue could be lost if companies don’t have an action plan in place to respond to inefficient asset management.

Third party access to videos calls or webinars

Recruitment and HR, along with the marketing, advertising and PR sector, expressed concern about video calls or webinars being infiltrated by third parties.

Video conferencing platform Zoom has recently been revealed to have had meetings hacked, with passwords and meeting IDs being stolen.

How to make your Zoom meetings private and secure

Since the coronavirus began disrupting normal ways of working and social life, individuals and organisations have adopted Zoom at an increasing rate, but is privacy and security being overlooked? Read here

GDPR compliance

The only sector to cite GDPR as a major cyber security concern was sales.

“Organisations need to make sure that they have a robust leavers policy and process in place,” said James. “If someone does leave the organisation, their access must be removed in a timely manner, and any company devices that they may have should be securely wiped.

“The BYOD scenario brings a lot of challenges to this subject in particular, e.g. global wipe vs selective wipes.”


Avatar photo

Aaron Hurst

Aaron Hurst is Information Age's senior reporter, providing news and features around the hottest trends across the tech industry.