Does your business bid farewell to the old way of working, in which all employees spend eight hours a day at the office and moves in favor of a flexible way of working from anywhere?
Businesses adopting this latest model enjoy many benefits, but they need to ensure that employees who work remotely do not fall victim to phishing attacks. The certainty that anyone will not be a problem in the business by putting it open to invasions and financial losses is very important for mode her.
Seeing an example, the number of Australians who choose to work away from the office for a few days or whole weeks continues to climb. 2016, Australian Statistical Office data showed that one third of Australian workers were working from home on a regular basis. A more recent survey by the International Working Group (IWG) suggests that the number has increased significantly over the next three years. About 50% of Australian employees worked remotely for at least half a year, according to an 2018 IWG survey. Two thirds of respondents said they work at least one day each week outside office.
Empowering each employee to achieve the minimum balance between work and life and adjusting working hours to regulate his / her personal life naturally is a very important asset. The businesses, meanwhile, they can reap the benefits of a happier and happier workforce - improved productivity and lower staffing.
Ensuring that workers working remotely do not become weak links in the security chain has become a major challenge for IT departments and security professionals. The latest figures from the Australian Information Commissioner's office (OAIC) show that the situation is worrying. In the first quarter of 2019, OAIC received 215 notifications of significant data breaches. 61% of these are the result of malicious or criminal attacks. Of these 131 violations, two-thirds related to cyber incidents, such as phishing, malware and ransomware.
Meanwhile, phishing attacks have become much more sophisticated than they once were. There have been days of rebuilt logos and malicious prompts to send money or urgent measures to avoid imminent legal procedures. Their position has taken the personalized and trusted messages that can even make the most suspicious recipients follow their "instructions" hacker. Ensuring that workers are not forced to do so - or at least reduce the chance of happening - requires a coordinated strategy. Developing a simple solution to protect workers and businesses, regardless of location, device and circumstances, should be a crucial element of this strategy.
Such technology is indispensable for any business that takes seriously its reputation and the financial and legal decline that can cause a data or systems violation.
Prevention is better than treatment, and especially when it comes to phishing attacks, education is one of the best forms of prevention available. Not only in the form of awareness-raising training but also as part of a continuous process, reinforced with annual or semi-annual retraining sessions, but with direct training, provided by email notification, as soon as a possible violation has been avoided.
All this can help to raise awareness of security workers cyberspace and reducing the likelihood of falling victim to phishing.