|Home>||Security||>Cyber Crime||>Apricorn survey highlights dangers of remote working and data breaches|
|Home>||Security||>IT Security||>Apricorn survey highlights dangers of remote working and data breaches|
|Home>||Security Matters||>Security Matters||>Apricorn survey highlights dangers of remote working and data breaches|
Apricorn survey highlights dangers of remote working and data breaches
22 April 2020
MORE THAN half (57%, in fact) of UK IT decision-makers still believe that remote workers will expose their organisation to the risk of a data breach. That's according to an annual survey conducted between 25-27 March and commissioned by Apricorn.
That figure has inclined steadily from 44% in 2018 and 50% last year. The rise could reflect a corresponding increase in the number of people working remotely, or otherwise an enhanced awareness of the risks of doing so as the UK's workforce follows Government guidelines to work from home during the COVID-19 pandemic.
In 2019, almost half (47%) of respondents admitted that their remote workers had already (and knowingly) put corporate data at risk of a breach in the last year. This figure this has now dropped slightly to 44%. Apathy continues to be a major problem, with just over one third (34%) of IT leaders stating that their remote workers simply don’t care about security – exactly the same percentage as last year – which suggests organisations are struggling to ensure employees buy into the security strategy in place.
Jon Fielding, managing director (EMEA) at Apricorn, told Security Matters: “This year, the need for organisations to facilitate effective and secure remote working has been cast into the spotlight to an extent no-one could have anticipated. Our survey shows that, while progress has been made in some key areas since 2019, some of the same risks – such as employee apathy or error – remain a problem. In these currently challenging times, when UK workers are being urged to work from home, it’s all the more important that security is a priority for everyone.”
Organisations have increasingly recognised the importance of endpoint control as remote working has become more prevalent. Nearly all (96%) of those professionals surveyed* mitigate the risks of Bring Your Own Device (BYOD) with a security strategy that covers employees’ use of their own IT equipment out of the office. Of those, 42% only allow the use of devices that have been provisioned or approved by IT, and enforce this policy with strict security measures. This is a significant rise on 2019, when just over one-in-ten (11%) did so.
Strengthening endpoint controls
“Strengthening endpoint controls allows organisations to trust in the integrity of their data and systems wherever the employee is accessing them, and whatever device they’re using,” commented Fielding. “The fact that businesses are recognising and enforcing this is a positive step.”
This change is crucial given that lost or misplaced devices is now the second biggest cause of a data breach. This is cited by almost a quarter of respondents (24%), which is up from 17% 12 months ago. Employees unintentionally putting data at risk remains the leading cause of breaches (at 33%), with third parties mishandling corporate information cited as one of the main causes by 23% of survey respondents.
Despite this, the majority (87%) of UK IT decision-makers agree that their organisations’ remote workers are aware of cyber security risks and practices and follow required policies at all times.
“Remote working is not a new concept, but with so many employees now having had a taste for home working, it might be hard for businesses to put that particular lid back on so they need to figure out where their vulnerabilities lie now and address them,” concluded Fielding.
Cyber security for remote working
When it comes to the challenges of implementing a cyber security plan for remote working, almost a fifth of IT decision makers (19%) say that managing all the technology employees need is the biggest problem. This represents a drop from 30% in 2019, which suggests that organisations are coming to terms with the complexities involved as far as the technology aspect's concerned.
In addition, fewer IT leaders believe that difficulties with General Data Protection Regulation compliance is the biggest problem with mobile working: 16% agreed, compared with 20% in 2019, suggesting that this aspect may have been somewhat less of a challenge than they originally anticipated.
*The 2020 research study was conducted by Censuswide. Respondents were 100 UK IT decision-makers (CIOs, heads of IT, IT directors and senior IT managers, etc) from enterprise organisations (with 1000-plus employees) within the financial services, IT, manufacturing, business and professional services sectors