Skip to content

Remote work opens new level of vulnerabilities to businesses

Data breaches increased significantly beginning in 2020
Remote work has increased security risks for businesses

When the pandemic hit, businesses scrambled to adjust as employees were forced to work remotely. Those fast-acting decisions accommodated productivity but sacrificed security — which had become a more significant concern.

Cybercrimes increased by 200% in 2020, according to a study by BenefitsPRO, co-sponsored by IDX. The crime increase has 73% of businesses concerned about data breaches due to remote working, the data states.

“I think the shift to remote work happened so quickly, during the COVID period, that a lot of companies weren’t prepared for it,” said Mark Vanata, owner of TeamLogicIT.

Remote workers have been commonplace in many companies for a long time, Vanata said. The problem came when companies that usually conducted business in a centralized location had to shift. 

Typically, when a company has all its employees in one location, it hosts a secure server that protects the employees and the company from security threats. When the pandemic forced employees into their homes, that protection ceased to be effective. 

“You try to replicate the same productivity, the same processes and it is just not the same. So you give up, for the sake of productivity, you give up your security,” Vanata said.

Remote required employees work via a remote connection through their work computers, introducing a new computer to the network that may not be as protected. 

“It’s opened up a new level of vulnerability to businesses,” Vanata said. 

According to the Benefits PRO study, businesses became more concerned about the vulnerabilities associated with phishing scams, password management, unauthorized downloads and which Wi-fi network employees were using.

Vanata said home routers can act as a gateway for security breaches. He supplied the example of gaming websites that allow “all types of sharing that wouldn’t be allowed at a company network … that opens up a path for somebody to get access to your network.”

These entries into an otherwise secure network resulted in a massive amount of sensitive data to be stolen from businesses.

“Ransomware hackers stole over 30 terabytes (TB) of personal and other sensitive data throughout more than 300 attacks in 2022,” according to the data presented by the Atlas VPN team through the first half of the year.

“People rushed because there was no time to do it (set up networks) properly,” Vanata said, adding that more and more businesses are now seeking ways to fix the problems.

Businesses, including small businesses and restaurants, are now seeking IT services to increase their network security. 

Some businesses are opting for VPNs, or Virtual Private Networks, and even going so far as to purchase a separate router for remote employees dedicated to the business, 

“I think a lot of companies, since that time, have become aware of the risks, either because they were hacked or because of the press,” Vanata said. 

Vanata said businesses also can take other approaches to keep their information safe by owning the computers their employees work from, enabling encryption if needed, maintaining protection software and asking employees to stay on top of operating systems updates.

Employers also can train employees to recognize phishing emails, unsafe websites and other security threats.

“Ultimately, you can build firewalls, you can put up VPNs but if a person is going to fall prey to an email, it’s hard to block it,” Vanata said. 

Employees can help keep their employers safe by knowing their home network and what devices are connected to it — including doorbells, appliances and thermostats.

“You have to have that mindset of security. I don’t think that everybody has really thought about that, where the company is responsible for keeping computers up to date … and keeping good (computer) hygiene,” Vanata said.