The workplace has been redefined by the pandemic, with fewer people in formal offices and more people working remotely. And it’s unlikely to change.
Two international surveys show that at least 16% of workers will remain at-home workers long after the Covid-19 crisis has receded, while 40% of newly remote employees would continue to work remotely at least some of the time.
According to Richard Broeke, MD of Securicom, many of its JSE-listed clients have indicated intentions to maintain the work-from-home structures implemented during lockdown until a vaccine becomes available.
“Companies have realised that their teams can get more done working from home. They can downsize their office space, keep a few meeting rooms and introduce hot desks for employees when they need to be at the office. However, with physical workspaces and the way that companies operate changing so dramatically and in such a short time frame, we are now facing new sets of challenges around the provisioning, management and protection of IT resources and data.
“Cybercrime has skyrocketed this year. Phishing attacks increased by 700% in the first three months of 2020 and globally, 51% of companies have been directly or indirectly impacted by ransomware. Several local companies have experienced major data leaks which have exposed the information of millions of South Africans. Hackers implement attacks every 39 seconds, which equates to some 2 244 attacks daily.
“The reasons for the scourge in cybercrime can be found by looking at the ways that remote working is enabled. Employees are using corporate assets which are not being managed or they are using personal devices for work. Endpoint security is lacking, security updates aren’t happening as they should, there is no monitoring or control of the endpoints in the remote environment and there are no policies around the use or management of data, and the use of private networks and devices.
“South Africa has had some time to acclimatise to working from home. Now it is time to refine how it is done so that it is easier and safer for companies and their employees.”
Broeke says that the ongoing prevalence of the WannaCry ransomware cryptoworm since 2017 is indicative of the lack of monitoring and patch management on endpoints.
“Windows released a patch to stop WannaCry in 2017, yet it remains the most prevalent ransomware. Why? Because patch management is not happening,” he says.
End-user awareness is also a major contributing factor to the increase in cybercrime in 2020. People are unaware of the potential risks of using third-party applications to do their work, clicking on links in emails, browsing the internet on unprotected devices, responding to unsolicited emails and phone calls asking for information, giving away passwords and allowing family members to use their work devices for personal use, among other risky behaviours.
Broeke says that at least 38% of employees Securicom has assessed on behalf of companies are vulnerable to being caught by phishing.
“Notably, 65% of the ransomware attacks that have impacted more than half of companies globally were delivered via phishing. Employees need to be educated to identify and help prevent phishing attacks,” he says.
Speaking at a recent webinar hosted by IPT Holdings, Broeke said that companies must get back to basics, focusing first on the endpoint.
“Before the work-from-home boom, 95% of data spent 100% of its time on endpoints. Most of your data is out of the office. There are a few endpoint security essentials that companies should have in place to protect assets and information from threats from the outside as well as abuse by employees. It is also important that all endpoints throughout the environment are constantly monitored. You cannot protect or fix what is out of your control.”
He concludes: “The setup of virtual work environments needs to be refined for companies to fully and securely embrace remote working scenarios. The network security landscape must be adapted to include remote sites, email security must be in place, there should be policies around the use of company resources as well as access to data, and cloud-based services must be secured. Last but not least, employees must receive cybersecurity awareness training.”