Remote working creates new security issues
A new survey of more than 400 IT security practitioners across North America and Europe reveals that 60 percent think COVID-induced remote work conditions have created data security issues within their organizations.
In addition the study, from encrypted USB drive company Apricorn, shows 38 percent say that data control during the pandemic has been very hard to manage. Surprisingly 20 percent of these security professionals admit that their work devices have been used by other members of their household.
Almost 70 percent of respondents want to see an encrypted USB policy within their organization, but 40 percent don't have plans to roll out a corporate USB program. Worryingly 45 percent of respondents allow the use of personal USB devices without corporate oversight, leaving it to the employee to decide which device to use, when to use them and for what data. Lack of control over writeable devices connected to corporate systems within the firewall creates a huge opportunity for attack, with corrupted, unencrypted USB sticks one of the fastest growing methods for malware introduction.
"People can be a huge asset to an organization's security culture but they need to have the right foundation, which comes from giving them the policies and tools needed to protect corporate data and assets beyond the corporate firewall," says Kurt Markley, US managing director at Apricorn. "This research supports the importance of endpoint hardware encryption, particularly during remote working conditions that will likely continue for many organizations long after this pandemic is over. IT security professionals should have implemented corporate usage policies and provided secure devices that mitigate the inherent risk of a BYOD strategy a year ago. Those who haven't are extremely late on protecting internal systems from insecure and unmanaged devices, and need to put policies and devices in place immediately."
Increased cloud use has also given rise to a range of views. 25 percent are not concerned about cloud security even though they have seen an increase in usage from disparate locations. Almost 30 percent are concerned but have strong processes for managing data stored in the cloud, and nearly 19 percent have the same concerns but no policies in place about how to store data in the cloud.
You can find the full report on the Apricorn site.