Poor security practices still a challenge for hybrid work

home working security

Almost a third (29 percent) of workers still use the same passwords for both personal and work accounts, potentially compromising their organisation if a personal account gets hacked.

A new study of 2,000 UK adults carried out by OnePoll for professional services company Gemserv also shows 39 percent of respondents access corporate accounts and content from their personal devices often or always, with another 24 percent doing so sometimes.

In addition 13 percent have admitted to losing devices containing data used for work in the last 12 months, potentially putting sensitive or critical data at risk of falling into the wrong hands.

“The pandemic has shifted the way a larger number of workers access their corporate data — now more than ever via personal devices and away from office locations. With the higher number of staff working remotely, new risks and vulnerabilities have been presented to organizations,” says Mandeep Thandi, director of cyber and digital at Gemserv.

Cybersecurity training is lacking too, with 18 percent of workers saying they have never received cybersecurity or data protection training and a further 29 percent reporting it only occurs once or less per year within their business. This has resulted 24 percent of workers being unaware of the cyber threats they business may face.

When working away from the office only 26 percent of workers say they always protect their internet connections through VPNs or secure Wi-Fi, with 15 percent admitting to never doing this, alongside a further 15 percent who weren’t sure if they did or not.

“The threats associated with remote and hybrid working can be mitigated with the implementation of an enduring, well structured, and relevant cyber risk management programme that covers key areas — including updated security policies and frameworks and a clear understanding of data storage and access protocols,” Thandi adds. “This should be rolled out in tandem with an ongoing training and education programme designed to achieve cultural change among those most at risk to cyber threats.”

You can find out more on the Gemserv blog.

Image credit: AndrewLozovyi/depositphotos.com

Author: Martha Meyer