Working from home continues to pose a risk to IT security
With some colleagues based at the office and others working from home, autumn under the pandemic will continue to be distinguished by digital meetings and logins from beyond the walls of the office itself – which naturally translates into greater risk for many enterprises. October has been designated European Cybersecurity Month with the intention of raising awareness about information and cybersecurity issues at businesses and among the general public. Our new survey reveals that a majority of employees are worried about digital trespass at their workplace, and about leaking information via cloud services.
Digital security at enterprises has been put to the test during the spring due to the coronavirus pandemic and the increase in the number of people working remotely. Cybercriminals are adept at exploiting the vulnerabilities that exist in home networks, cloud solutions and other digital services. The SecMaker survey entitled Svenskarna om digital säkerhet (Swedes on digital security) reveals that six out of ten respondents are worried about the prospect of their workplace being subjected to digital trespass.
“Cybercriminals use the simplest methods possible – stealing passwords, for example – to achieve their aims, which is why the extensive use of passwords is one of the most pressing problems. Nine out or ten workplaces rely completely on passwords as their login method,” relates Niklas Anderson, CEO of SecMaker. “This demonstrates that many workplaces generally accord a remarkably low priority to their IT security even though the survey also shows that a majority actually have guidelines for their digital security in place.”
Cloud services are another source of concern ...
... with regard to the risk of trespass and the leaking of information – primarily in the public sector, where almost one in five respondents reports concerns. A large majority of enterprises use cloud services at their workplace. The survey also reveals that as many as one-fifth of respondents are not even aware of whether or not their company uses cloud services.
“In addition, the survey findings show that four out of ten employees use the same passwords at work and privately,” adds Niklas. “In practice, this means that a great many work-related cloud services are highly vulnerable to trespass. Especially when more and more people are working from home. In other words, a great many people are handling what is already an insecure method of identification badly.”
Private individual or employee?
Login via e-identification is significantly more secure than using passwords, and the survey also reveals that a majority or respondents use this method privately. Four out of ten are also positively disposed towards using their private e-identification at work.
“The problem with using e-identification at work is that it entails vouching for a given piece of information in the capacity of yourself as a private individual,” says Niklas “Put another way, you should use separate methods to identify yourself at the workplace and at home. Many employees are not aware of the difference between their private e-identification and corresponding work-related solution.”
Digital trespass and breaches of security are becoming increasingly problematic. The survey reveals that there is widespread concern about this issue at workplaces, even though almost all companies have introduced guidelines for digital security.
About the survey
The survey was performed by PFM Research in spring 2020. The respondents comprise a representative selection of men and women, aged 18 or more, resident in Sweden and covering an appropriate spread of ages and genders – 1,000 people in all. The respondents work in office-based companies with at least 20 employees, and are not employed in the fields of IT or security.
SecMaker is the leading Nordic supplier of certificate-based security solutions for enterprises, authorities and organisations. The SecMaker Net iD solution already numbers more than 1.5 million users employed in both public and private sectors. The solution protects and secures information, systems and data traffic.