Four cybersecurity mistakes your remote workforce is making

Barry O’Donnell, Chief Operating Officer at TSG, covers the four commonly made mistakes made by a remote workforce and the measures you need to put in place to ensure that they won’t compromise the security of your business.

For many businesses, remote working has become a normal practice. Working away from the office had been on the rise for the past few years, but many organisations were pushed to begin embracing it from March 2020.

Since then, businesses have solved teething issues like remote collaboration and a lack of equipment. But what about the security implications?

Remote working brings with it a new set of cybersecurity challenges. We already know that your employees are your weakest link to your IT security; 95% of security breaches begin with a human error. Cybersecurity education is vital to ensure that your remote working policies are followed closely.

This education begins with ensuring your workforce does not make some of these commonly made mistakes. 

1.      Switching between personal and work devices

Remote working can blur the lines between business and personal life. That means employees could slip into bad cybersecurity habits – for example, using work devices for personal tasks and vice versa.

A survey by IBM found that over half of remote workers use a personal device to carry out their work. Business data is more likely to be compromised on a personal device, especially if people external to the business are using it. Employees won’t have business-grade security solutions installed on their personal devices and, with no IT supervision, they may have unknowingly installed malware or bloatware.

Equipping your employees with up-to-date technology will mitigate this risk. But if that’s not possible, there are other options. Implementing cloud-based solutions for communication and file storage can ensure they’re protected. Data-loss prevention tools will also add a layer of security to their personal devices.

2.      Clicking on dangerous links

This isn’t a risk only associated with home working, but it’s amplified in this setting. Phishing emails in the UK increased by an eye-watering 667% in the early stages of the pandemic. The analysis recorded 1,188 phishing emails in February, rising steeply to 9,116 in March.

Cybercriminals are also taking advantage of the pandemic itself. The study found that 2% of phishing emails were COVID-themed, capitalising on widespread fears about the virus. Some scam emails impersonate the World Health Organisation (WHO), leading it to issue guidance on spotting fake emails.

Education is vital to avoiding falling victim to an email-borne cyber-attack. By empowering your employees to spot the signs of a suspicious email, file, or link, you’re strengthening your first line of defence. You can educate your staff in many ways, from mandatory training courses to tools that simulate phishing attacks. One of the best methods is to tap into the expertise of a managed IT services provider; it’s their job to hire the best cybersecurity professionals.

3.      Employees aren’t installing vital security updates

It’s easy to fall into bad cybersecurity habits without the watchful eyes of your IT team. That’s certainly the case for 20% of remote workers who are not regularly installing updates for the tools that enable them to work from home, such as Zoom.

Many people see software updates as a nuisance. That’s why education is again vital to helping your people understand their importance. But having a backup plan is important, too. There are tools you can use to force your users to update their devices within a certain timeframe.

Education will also help your people to understand why they should install updates on their mobile phones.

4.      Employees haven’t enabled multi-factor authentication (MFA)

A strong cybersecurity defence includes strong password policies – however, this can often be overlooked or even put aside for most employees as something ‘to do later’. Sometimes their passwords might also not be strong enough to fight against cyber hackers.

With that being said, the risk of passwords being compromised can be mitigated by including the use of multi-factor authentication (MFA).

MFA is the process of employees providing multiple verification forms to prove their identity before logging into secure business systems. This means that when an employee attempts to log in, it can ping an approval request to their mobile phone. It also then considers other forms of user identification, such as biometrics.

An MFA system can even be set up to require authentication repeatedly on a cycle to safeguard business systems if a remote employee leaves their machines unattended for a period of time.

In the event there is suspicious activity, such as an employee receiving an approval request despite not logging into their account, they can send this to your IT team to investigate and stop potential hackers in their tracks.

Utilise remote working safely

Remote working has many benefits, including increased productivity, improved employee mental health, and reduced costs in office space. But it also has its challenges. Barry O’Donnell, Operations Director, at managed IT services provider: TSG, says, “We’ve advocated the benefits of remote working for a long time, but it’s not without its challenges.

“We’ve identified the most common security threats for remote employees, so businesses aren’t punished for keeping their employees safe and productive. The fixes we’ve recommended aren’t costly or time-intensive, so organisations will be able to make their remote workforce secure in no time.”

READ MORE: 

Cybersecurity should always be a high priority for businesses, but it takes precedence for organisations with a high percentage of remote workers. By putting these measures in place, you can rest assured that your remote workforce won’t compromise the security of your business.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Barry O'Donnell

Barry O'Donnell is the Chief Operating Officer at TSG, offering managed IT support in London, with expertise across a range of areas including Office 365, Dynamics 365, document management and business intelligence.

Birmingham Unveils the UK’s Best Emerging HealthTech Advances

Kosta Mavroulakis • 03rd April 2025

The National HealthTech Series hosted its latest event in Birmingham this month, showcasing innovative startups driving advanced health technology, including AI-assisted diagnostics, wearable devices and revolutionary educational tools for healthcare professionals. Health stakeholders drawn from the NHS, universities, industry and front-line patient care met with new and emerging businesses to define the future trajectory of...

Why DEIB is Imperative to Tech’s Future

Hadas Almog from AppsFlyer • 17th March 2025

We’ve been seeing Diversity, Equity, Inclusion, and Belonging (DEIB) initiatives being cut time and time again throughout the tech industry. DEIB dedicated roles have been eliminated, employee resource groups have lost funding, and initiatives once considered crucial have been deprioritised in favour of “more immediate business needs.” The justification for these cuts is often the...

The need to eradicate platform dependence

Sue Azari • 10th March 2025

The advertising industry is undergoing a seismic shift. Connected TV (CTV), Retail Media Networks (RMNs), and omnichannel strategies are rapidly redefining how brands engage with consumers. As digital privacy regulations evolve and platform dynamics shift, advertisers must recognise a fundamental truth. You cannot build a sustainable business on borrowed ground. The recent uncertainty surrounding TikTok...

The need to clean data for effective insight

David Sheldrake • 05th March 2025

There is more data today than ever before. In fact, the total amount of data created, captured, copied, and consumed globally has now reached an incredible 149 zettabytes. The growth of the big mountain is not expected to slow down, either, with it expected to reach almost 400 zettabytes within the next three years. Whilst...

What can be done to democratize VDI?

Dennis Damen • 05th March 2025

Virtual Desktop Infrastructure (VDI) offers businesses enhanced security, scalability, and compliance, yet it remains a niche technology. One of the biggest barriers to widespread adoption is a severe talent gap. Many IT professionals lack hands-on VDI experience, as their careers begin with physical machines and increasingly shift toward cloud-based services. This shortage has created a...

Tech and Business Outlook: US Confident, European Sentiment Mixed

Viva Technology • 11th February 2025

The VivaTech Confidence Barometer, now in its second edition, reveals strong confidence among tech executives regarding the impact of emerging technologies on business competitiveness, particularly AI, which is expected to have the most significant impact in the near future. Surveying tech leaders from Europe and North America, 81% recognize their companies as competitive internationally, with...