Cyber security risks rise for working at home

During COVID-19 lockdowns, a large proportion of the workforce has successfully taken to the home-office while routinely using Skype, Teams, Zoom and similar tools for virtual meetings. However, the flip side of that coin is a somewhat larger risk of cyber-security being compromised.

According to a Danish survey, 15 % of public employees admit to ignoring security guidelines of their workplace, while before the pandemic the same figure was just 8 %. The survey has been conducted by the Danish Computer Security Incident Response Team DKCERT on behalf of the Agency for Digitization and other government bodies. DKCERT is a part of the national research and education network DeiC.

“The rise in the proportion (of the public workforce, ed.) omitting to follow the guidelines, appears to be problematic,” the report states.

Many use unauthorized devices

The cause of the rise in the number of public employees who ignore security guidelines may well be that it is harder to follow guidelines when working at home.

“Regardless of the diagnosis, the trend should trigger concern at the workplaces,” the report points out, while referring to the fact that the majority (61 %) of the respondents ignoring guidelines estimate that their daily work would be either difficult or impossible, should they submit to the same safety standards at home as at their workplace.

23 % of respondents use either a private computer or a computer which is used for both private and work purposes.

“Using a private computer in a work context is problematic if the device has not been approved by the workplace. Not least may access to work related systems, automated security and antivirus updates, automated backup and data management, be challenging when using a computer outside the workplace environment,” the report notes.

Rising number of phishing attempts

Not surprisingly, cyber criminals see the large number of people working from home as fertile ground for their activity. According to the survey, 64 % of respondents have experienced phishing attempts within the last 12 months. This is an increase from 51 % in 2018.

Fortunately, positive trends are also found. According to the survey, public employees are increasingly aware of the need to use safe passwords and avoid re-using the same passwords for different purposes. 26 % admit to be re-using passwords, which is encouraging in light of the 37 % reported in a 2018 survey.