A new survey from CyberArk found that work-from-home habits - including password re-use and
letting family members use corporate devices - are putting critical
business systems and sensitive data at risk.
The survey, which aimed to gauge the current state of security in today's expanded remote work environment, found that:
- 77% of remote employees are using unmanaged, insecure "BYOD" devices to access corporate systems
- 66% of employees have adopted communication and collaboration tools like Zoom and Microsoft Teams, which have recently reported security vulnerabilities
Convenience Often Outweighs Security - Especially For Working Parents
The
study found that the risks to corporate security become even higher
when it comes to working parents. As this group had to quickly and
simultaneously transform into full-time teachers, caregivers and
playmates, it's no surprise good cybersecurity practices aren't always
top of mind when it comes to working from home.
- 93% have reused passwords across applications and devices
- 29%
admitted that they allow other members of their household to use their
corporate devices for activities like schoolwork, gaming and shopping
- 37% insecurely save passwords in browsers on their corporate devices
Are Current Work from Home Security Policies Enough?
While
94% of IT teams are confident in their ability to secure the new remote
workforce, 40% have not increased their security protocols despite the
significant change in the way employees connect to corporate systems and
the addition of new productivity applications.
The
rush to onboard new applications and services that enable remote work,
combined with insecure connections and dangerous security practices of
employees, has significantly widened the attack surface and security
strategies need to be updated to match this new dynamic threat
landscape. This is especially true when it comes to securing privileged
credentials of remote workers, which if compromised, could open the door
to an organization's most critical systems and resources.
"The
security posture of organizations continues to be tested as many remote
employees face daunting challenges balancing productivity and security
across their professional and personal workspaces," said Marianne
Budnik, CMO, CyberArk. "As more organizations extend work-from-home
policies for the long term, it's important to capture lessons learned
from the initial phases of remote work and shape future cybersecurity
strategies that don't require employees to make tradeoffs that could put
their company at risk."