IT security for the home office – a challenge for companies, an opportunity for CSPs
by Fredrik Blumer
The ongoing pandemic has brought about a transformation in the way we work. As the virus spread, forcing the world to go into lockdown, businesses were left with no other option than to switch from office to home office. But what about the IT security – is it really safe working from home?
Increased distance work has led to more cyber attacks
Even though many companies allowed their employees to work remotely before COVID-19, it has now become the norm. Early estimates from Eurofound show that close to 40% of those currently working in the EU began to telework fulltime as a result of the pandemic.
Lucky as we are to be able to work from the comfort of our own homes, it can also come at a price in terms of IT security. Generally, our home networks are not as well protected as those on company premises and the number of cyber-attacks on companies via teleworkers have therefore increased.
According to Cyber Attack: 2020 Mid-Year Report by the security giant Check Point Software, cyber-attacks have increased globally from 5,000 per week in February 2020 to more than 200,000 per week at the end of April.
Why the home office isn’t safe
What is usually lacking at the home office is protection against attacks targeting the enterprise network. There is, for example, typically no firewalls installed at the gateways of the home network. At best, there is parental control or virus protection installed at the gateways, but no real protection against data breaches. And let’s be honest – unless you do it professionally, people in general know very little about cyber security and network protection.
At the home office there are also ways to access devices other than at the gateway. Inside the network itself there are other vulnerabilities, such as other malware infected devices. A family member might have opened an email with a corrupted link or carelessly used an infected USB flash drive. Once inside the home network, the virus can spread to other devices – such as the work computer.
Companies are responsible, not employees
Not only do these threats and attacks need to be discovered, but they also need to be addressed with different type of measures. To cut the connection or quarantine certain programs or processes, for example.
However, these are things that are not top of mind for employees working from home. They might have heard about the threats, but they don’t know how to take action when breaches occur, and they don’t know how to stay protected, so the networks aren’t breached in the first place.
These are the responsibilities of the company. Obviously, awareness must become better among at teleworkers, but it is the companies that must take action in order to reach a sufficient level of security for the home offices.
CSPs that can offer secure solutions will take the lead
Companies must make sure their employees are using certain technological solutions to improve security when they are working from home. To ensure that their enterprise networks are safe, their employees should preferably work on a home network provided by an approved operator that has proven themselves sufficiently secure. Employees will therefore choose an operator that they know their company approves of, otherwise they might no longer be allowed to work from home.
For CSPs, this creates a new business opportunity. If they offer a solution that meet the criteria for a secure home office network, it may strengthen their position towards both companies as well as their employees. As a large part of the workforce will continue to work from home in the foreseeable future, CSPs than can provide these types of solutions are definitely ahead of the game.