Black Friday Sale! 50% Off All Access

How Working From Home Makes Businesses Easy Targets for Cybercriminals Weak wifi passwords, shared laptops, lack of firewalls and patchy use of VPNs are all pathways to system sabotage.

By Rajiv Das Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

alexsl | Getty Images

Imagine if a bank had a million dollars in its vault, and then one day its employees each took a share of the stash home for safekeeping.

That's a little like what's happened with companies' data and communications since the COVID-19 pandemic arrived. In the space of weeks, whole workforces transitioned from the office to their homes, straining the capacity of companies' digital infrastructure and posing a major test of their cybersecurity readiness.

Related: How Safe Is Your Data While Working Remotely?

Six plus months later, many enterprises are still playing catch-up with the security risks created by the new normal of working from home. Weak or no home wifi passwords, laptops shared among family members, a lack of firewalls, and patchy use of VPNs, executing critical business transactions: these are some of the nightmares for IT security professionals. And there's been plenty of evidence that a sense of urgency is justified.

Feeding off the pandemic

Cybercriminals have seized on the opportunity, stepping up their efforts to infiltrate company systems, prey on the vulnerable at home, and obtain sensitive data. In a survey conducted by VMWare, 91 percent of global respondents reported a rise in cyber attacks since the pandemic started.

The number of denial of service attacks tripled in the second quarter, according to a security report, as bad actors exploited the greater vulnerability of home networks. Ransomware and malware attacks are also on the rise, including high-profile incidents at Garmin and Carnival Cruises. It should be noted that most of the incidents are not reported and a ransom is often paid before business impacts are realized.

With remote work looking set to outlast the pandemic, businesses are being forced to change the way they think about cybersecurity. Although the importance of cybersecurity has been rising for years, it was still treated by many companies as something of an after-thought that only came to the fore when something bad happened.

Related: A Business Leader's Beginner Guide to Cybersecurity

Now, companies in all sectors have to start treating cybersecurity as part of their organizational DNA and as an essential building block of the ecosystems that connect them with their customers and third-party partners. The posture is changing from being reactive to predictive. Threat monitoring is becoming a primary goal for most cyber-savvy organizations when it comes to reducing business risk.

Stronger security is a must

Companies have woken up to the need to have a robust business continuity plan after many were caught off guard by the sudden, unanticipated arrival of the coronavirus. Even many who did have an emergency plan in place found it was inadequate, either because a pandemic wasn't one of the scenarios or because they hadn't tested the plan recently.

A business continuity plan can start off as something very simple, but it isn't a plan if it isn't tested regularly, ideally every 90 days, under different scenarios.

Corporate demand for collaborative platforms with built-in security has surged since lockdowns began. Companies are realizing that they need a back-up platform to give workers multiple collaboration channels and to ease the network strains caused by remote working.

The pandemic has accelerated the move to cloud-based platforms, which have eased security concerns by developing better methods to safeguard data. The shift to remote work from home has raised the question of who will be on-site to maintain office-based data centers and applications. Companies can also leverage the ability of cloud companies to support their business operations.

Remote workers need backup

To be successful, these changes require greater security awareness from top to bottom within organizations. Companies also need to take responsibility for providing home-based workers with the resources, protocols, and security education they need.

Related: The Real Cost of a Data Breach for Your Brand (and How to Best Protect Yourself)

In simple terms, they should be both expanding the pipes used by home workers and being proactive about making sure those pipes are secure. Some of these responsibilities will be shared between organizations, employees, and service providers. But the primary responsibility will fall on the data owners.

Companies should be prepared to cover the cost of the extra bandwidth home-based employees need for their jobs. On top of that, they should ensure that home workers have a secure network, a firewall, and are always using a VPN when connecting to company systems.

Having those elements in place, as well as ensuring workers are well educated about the various types of attacks they could be exposed to, will go a long way toward reducing security risks.

Rajiv Das

Principal on cybersecurity team

Rajiv Das is a principal in Plante Moran's cybersecurity group specializing in IT strategy and governance, business analytics, cybersecurity strategy and operations, and risk management services. His work helps leadership teams align IT with overall business goals. 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Living

These Are the 'Wealthiest and Safest' Places to Retire in the U.S. None of Them Are in Florida — and 2 States Swept the List.

More than 338,000 U.S. residents retired to a new home in 2023 — a 44% increase year over year.

Business News

DOGE Leaders Elon Musk and Vivek Ramaswamy Say Mandating In-Person Work Would Make 'a Wave' of Federal Employees Quit

The two published an op-ed outlining their goals for their new department, including workforce reductions.

Starting a Business

This Sommelier's 'Laughable' Idea Is Disrupting the $385 Billion Wine Industry

Kristin Olszewski, founder of Nomadica, is bringing premium wine to aluminum cans, and major retailers are taking note.

Business News

These Are the Highest Paying Jobs Available Without a College Degree, According to a New Report

The median salaries for these positions go up to $102,420 per year.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Starting a Business

He Started a Business That Surpassed $100 Million in Under 3 Years: 'Consistent Revenue Right Out of the Gate'

Ryan Close, founder and CEO of Bartesian, had run a few small businesses on the side — but none of them excited him as much as the idea for a home cocktail machine.