The COVID-19 outbreak has forced many Aussie SMEs into changing their company policies and allowing their staff to work from home. An unwelcome consequence has been an increase in risky behaviour by those remote workers using company-issued devices for personal business.
In a Mimecast survey of over 1000 remote workers across the globe which included small businesses, 78 per cent of Australian remote workers admitted to using their work tools for personal matters – higher than the global average. Over half of those respondents (53 per cent) confirmed that their personal use of work tools had increased since COVID hit.
Activities ranged from using personal email (53 per cent), to social media (40 per cent), financial transactions (51 per cent), and online shopping (38 per cent).
Personal email and shopping are particular areas of concern for IT support staff. As online shopping ramps up, opportunities for malicious actors to infiltrate corporate networks through malicious online retail sites and bogus ads and scam emails will be abundant.
Encouragingly, 97 per cent of Aussie respondents said they were aware that links in emails, social media, and fake retail websites could potentially infect their devices and the company network.
The proportion of employees who have received dedicated cybersecurity awareness training relating to working from home during the pandemic is also high (71 per cent), but there is a disconnect between acquiring this knowledge and actually putting it into practice.
The primary reason for this is that most
In short, much of the training is boring.
By introducing short, snappy, visually engaging and entertaining learning modules, the message resonates. People are far more likely to remember and share training content that is fun, and more importantly, use it to change their online habits for the better.
Engaging and amusing training is one important factor in reducing the risk posed by malicious actors, but it is by no means the only option open to IT teams.
SMEs can take other actions to maintain network security in the new hybrid office/home work environment:
With so many of us now using our homes as offices, and with the holiday retail period already in full swing, SMEs must address any weak spots in their network security, to ensure that 2021 really is a Happy New Year for their business.
Garrett O’Hara, Principal Technical Consultant, Mimecast Australia