How Working From Home Makes Businesses Easy Targets for Cybercriminals Weak wifi passwords, shared laptops, lack of firewalls and patchy use of VPNs are all pathways to system sabotage.

By Rajiv Das Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

alexsl | Getty Images

Imagine if a bank had a million dollars in its vault, and then one day its employees each took a share of the stash home for safekeeping.

That's a little like what's happened with companies' data and communications since the COVID-19 pandemic arrived. In the space of weeks, whole workforces transitioned from the office to their homes, straining the capacity of companies' digital infrastructure and posing a major test of their cybersecurity readiness.

Related: How Safe Is Your Data While Working Remotely?

Six plus months later, many enterprises are still playing catch-up with the security risks created by the new normal of working from home. Weak or no home wifi passwords, laptops shared among family members, a lack of firewalls, and patchy use of VPNs, executing critical business transactions: these are some of the nightmares for IT security professionals. And there's been plenty of evidence that a sense of urgency is justified.

Feeding off the pandemic

Cybercriminals have seized on the opportunity, stepping up their efforts to infiltrate company systems, prey on the vulnerable at home, and obtain sensitive data. In a survey conducted by VMWare, 91 percent of global respondents reported a rise in cyber attacks since the pandemic started.

The number of denial of service attacks tripled in the second quarter, according to a security report, as bad actors exploited the greater vulnerability of home networks. Ransomware and malware attacks are also on the rise, including high-profile incidents at Garmin and Carnival Cruises. It should be noted that most of the incidents are not reported and a ransom is often paid before business impacts are realized.

With remote work looking set to outlast the pandemic, businesses are being forced to change the way they think about cybersecurity. Although the importance of cybersecurity has been rising for years, it was still treated by many companies as something of an after-thought that only came to the fore when something bad happened.

Related: A Business Leader's Beginner Guide to Cybersecurity

Now, companies in all sectors have to start treating cybersecurity as part of their organizational DNA and as an essential building block of the ecosystems that connect them with their customers and third-party partners. The posture is changing from being reactive to predictive. Threat monitoring is becoming a primary goal for most cyber-savvy organizations when it comes to reducing business risk.

Stronger security is a must

Companies have woken up to the need to have a robust business continuity plan after many were caught off guard by the sudden, unanticipated arrival of the coronavirus. Even many who did have an emergency plan in place found it was inadequate, either because a pandemic wasn't one of the scenarios or because they hadn't tested the plan recently.

A business continuity plan can start off as something very simple, but it isn't a plan if it isn't tested regularly, ideally every 90 days, under different scenarios.

Corporate demand for collaborative platforms with built-in security has surged since lockdowns began. Companies are realizing that they need a back-up platform to give workers multiple collaboration channels and to ease the network strains caused by remote working.

The pandemic has accelerated the move to cloud-based platforms, which have eased security concerns by developing better methods to safeguard data. The shift to remote work from home has raised the question of who will be on-site to maintain office-based data centers and applications. Companies can also leverage the ability of cloud companies to support their business operations.

Remote workers need backup

To be successful, these changes require greater security awareness from top to bottom within organizations. Companies also need to take responsibility for providing home-based workers with the resources, protocols, and security education they need.

Related: The Real Cost of a Data Breach for Your Brand (and How to Best Protect Yourself)

In simple terms, they should be both expanding the pipes used by home workers and being proactive about making sure those pipes are secure. Some of these responsibilities will be shared between organizations, employees, and service providers. But the primary responsibility will fall on the data owners.

Companies should be prepared to cover the cost of the extra bandwidth home-based employees need for their jobs. On top of that, they should ensure that home workers have a secure network, a firewall, and are always using a VPN when connecting to company systems.

Having those elements in place, as well as ensuring workers are well educated about the various types of attacks they could be exposed to, will go a long way toward reducing security risks.

Rajiv Das

Principal on cybersecurity team

Rajiv Das is a principal in Plante Moran's cybersecurity group specializing in IT strategy and governance, business analytics, cybersecurity strategy and operations, and risk management services. His work helps leadership teams align IT with overall business goals. 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Devices

The Last Pen You'll Ever Have to Buy — Never Run Out of Ink Again With the ForeverPen

The world's smallest inkless pen is durable, portable, and built to last.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Devices

Save 45% on an iPad Air With This Holiday Sale

You got gifts for everyone else—now it's time to treat yourself.

Business News

A New Hampshire City Was Named the Hottest Housing Market in the U.S. This Year. Here's the Top 10 for 2024.

Zillow released its annual lists featuring the top housing markets, small towns, coastal cities, and geographic regions. Here's a look at the top real estate markets and towns in 2024.

Business Ideas

Is Your Business Healthy? Why Every Entrepreneur Needs To Do These 3 Checkups Every Year

You can't plan for the new year until you complete these checkups.

Leadership

The End of Bureaucracy — How Leadership Must Evolve in the Age of Artificial Intelligence

What if bureaucracy, the very system designed to maintain order, is now the greatest obstacle to progress?