How Safe is Your Data at Work?
It is a given that organizations protect their sensitive information with the latest security protocols in place. But then, not all data breaches happen outside of the organization. With most of the workforce working from their homes or working-from-anywhere, insider data breaches have spiked due to flexibility in the tools used to share information.
To put things into perspective, some of the prominent insider threat cases of 2020 include:
A former manager working in Amazon’s tax department and two of her family members were charged with making insider trades. The senior manager disclosed Amazon’s confidential financial data, earning $1.4 million from the insider dealings.
E-Commerce giant Shopify’s employees obtained the records of customer transactions for about 200 merchants. This data included the company’s customers’ personal identifiable information. This incident caused a dent in Shopify’s stock price, dropping it by 1.27%.
Twitter faced a chain social engineering attack on Twitter employees. Their credentials were stolen by the hackers, who gained access to the administrator tool of the microblogging platform.They proceeded to post scam messages on as many as 130 popular profiles andreceived $180,000 from Twitter users before the company’s cybersecurity team eventually sealed the breach.
These are among several insider threats that have caused damage to organizations in 2020.
In 2021, the scenario remains the same with people working out of offices on different devices, including their personal devices. A survey by Shred-It found that 86 percent of C-suite executives feel that the risk for data breaches significantly increases with remote work.
There’s a lack of data protection laws, specialized privacy laws, or dedicated laws on cybersecurity in India. These loopholes make the country a breeding ground for hackers, and insider threats, especially with employees working out of their homes.
Does that mean your data will continue to be compromised? How can you keep your data safe even with a globally dispersed team? Here are some pointers that you can implement:
- Evaluate the VPN – Having a VPN and requiring employees to sign in using it to access company data does not necessarily guarantee data safety. Corporate VPNs are liable to security vulnerabilities that need time to get patched. This is precisely the loophole hackers seek. The solution is to update and fix the systems beforehand, to have robust security for the VPNs.
- Update Work Policies – Remote work is a different ball game altogether, and your original work policies will not be valid when the employees work from their homes or outside of the workspaces. Update and communicate the best cybersecurity practices to help replicate the in-office experience. This will help prevent accidental data breaches, fraud, and other threats to sensitive information.
- Conduct Employee Training – More often than not, it is not enough to communicate the policies to your employees. Conductingregular and effective cybersecurity training prevents all sorts of phishing scams and data breaches and offers data security assurance. These safety guidelines and protocols will help keep the data safe while your employees work from home.
- Ensure Network Security –One of the ways to ensure network security with a majority of your employees working from their homes is by asking them to install a firewall. A properly configured firewall thwarts malicious software from breaching the home network and acts as the first line of defense against external threats.Additionally, several wireless routers nowadays include access controls and web-filtering, which offer further protection.
- Assess Risks of Shared Networks – With companies adopting hybrid workplace models, there is also the risk of accessing data over shared networks. Since you don’t directly control the network, there is always the drawback that you will not be able to update the devices or the applications that oversee the network. To reduce this risk, you need to figure out how to secure Wi-Fi access is in a managed workspace. Alternatively, you can ask their IT department whether you can have your segregated network, which is always the better option.
As the country continues to fight the uncertainties associated with the Covid-19 pandemic with the rise in telecommuting and work-from-anywhere facilities, companies need to secure their data from insider threats and malicious attacks. With the proper steps to keep business data and intellectual property safe, businesses can continue to explore flexible working modes for their employees.
Need a workspace that offers a secured Wi-Fi network and addresses your privacy concerns? Talk to our experts now!