Fifth of employees feel their data is more vulnerable when working from home – Microsoft
Almost a third of respondents still using personal e-mail to share confidential work materials
20 November 2020 | 0
New research commissioned by Microsoft Ireland has found that that just over one in four (26%) remote workers have experienced a cyber-attack personally, while 45% of employers have asked their employees to use their personal devices for work since the start of the pandemic.
Conducted by Amárach Research, the study surveyed 500 employees and 200 business decision makers in September 2020 about remote working, digital security behaviours, and the concerns they now face.
The accelerated transition to homeworking is placing pressure on organisations to support the unavoidable blending of personal and professional lives more than ever before. However, this naturally creates new risks, including the increased risk of cyber-attacks. This was reflected in the research which showed that only 17% of remote workers currently believe that the software and technology provided has done enough to protect their data.
This could be in some way due to the pace at which employers had to transition to remote working environments, with 36% of employers admitting they have spent the past few months putting in place the security, privacy, and workplace procedures required for today’s remote working world.
Information protection concerns
More than three-quarters (76%) of workers were surprised with how well they had adapted to remote working. However, one in five employees feel their data is more vulnerable when working from home due to the absence of regular IT supports. In fact, one in five employees feel their data is more vulnerable when working from home in the absence of normal IT supports.
The research points to some potentially dangerous cybersecurity issues amongst remote workers. Some 30% of workers still use personal e-mail accounts to share confidential work materials. One third of workers admitted to using the same password to log into work and personal devices and nearly half have no security restrictions when accessing work-related documents and materials remotely.
One third of employers acknowledge they are exposed since they had to make remote-working decisions and transitions so quickly. Almost half (45%) of employers have had to ask their employees to use their personal devices for work purposes since the start of the pandemic.
A lack of policy for using personal devices remains a problem, with 42% of employers yet to come up with a ‘bring your own device’ policy.
Furthermore, 41% of employers acknowledge it has become increasingly difficult to remain GDPR compliant because of the pandemic.
Des Ryan, solutions director for Microsoft Ireland (pictured), said: “Cyber hackers are opportunistic, skilled, and relentless. They have become adept at evolving their techniques to increase success rates, whether by experimenting with different phishing lures, adjusting the types of attacks they execute or finding new ways to hide their work.
“While our physical work locations may have changed, our responsibilities in protecting organisational data and complying to data regulations have not. Now is the time to address this with an increased investment in cybersecurity, secure devices, tighter policies, increased support, and education for employees so they can play an important role in not only protecting themselves but also their organisations.”
When asked about the future, 58% of respondents believe they will have a ‘hybrid workforce’ in future as more staff work from home more of the time and others are in the office. Over half (57%) felt more positive about using cloud-based services, including productivity tools.
However, the research shows that Irish organisations understand there is a gap with 41% admitting they are behind the curve when it comes to having the right digital services and technologies in place to deal with new working realities.
Is this an area of interest? Tailored training for IT Professionals
The Irish Computer Society provides members with the necessary qualifications, skills and training needed to succeed and excel within the profession.
Upcoming courses which may be of interest include:
- Certificate in Business Analysis – offers academic accreditation for business analysts through the use of proven business analysis techniques. Up to 100% funding available.
- European Certified Data Protection Officer (ECDPO) – This programme has been designed to equip Data Protection Officers with the necessary skills and competencies to meet and maintain all aspects of data protection compliance.
- CDPP – Certified Data Protection Practitioner – Be confident that your organisation’s policies and procedures are legally compliant with data protection legislation by completing Ireland’s first certified data protection practitioner programme.