Do Home Workers Present a Security Risk to Your Business IT Network?
17 March 2016
The combination of rapid technological advancement and the extension of flexible working rights in the UK has led to a huge increase in the number of people working from home some, or all, of the time. The most recent figures show that there are a record 4.2 million homeworkers in the UK, which amounts to a significant 13.9% of the workforce.Homeworking is an increasingly attractive option for both individuals and businesses. From an individual’s perspective, it provides a greater degree of flexibility and can aid a better work-life balance. From a business perspective, a remote workforce is often thought to be more creative and productive. By employing home workers, businesses can also reduce overheads considerably.
However, there is a dark side to this trend. By exposing their organisation’s networks to the home networks and personal devices of their employees, businesses are potentially putting themselves at risk.
In this article, we consider whether home workers present a security risk to their company’s IT network. We assess the significance of the risk and, most importantly, consider what can be done to mitigate it.
Generally speaking, business IT networks are much more secure than the average home network. Businesses need to invest in network security in order to protect the data of their organisation, their employees and their clients. But, with the increasing flow of data and devices between home and business networks, comes increased difficulty in controlling the security of information.
There are two sides to the problem: that of employees taking company devices and connecting to their home networks and that of employees bringing personal devices into work and connecting to the company network. The latter is a rising problem often associated with the growing trend of BYOD (bring your own device) policies within organisations.
By targeting employees personal accounts and home networks, hackers wishing to gain access to a business network are able to bypass the stronger corporate security measures in place in a company’s premises. The increasing movement of devices between locations is making this easier than ever before.
Home networks can represent a hostile threat and need to be treated as such. The problem is that many people are unaware of the security pitfalls within their home networks.
One of the main issues lies with the increasing number of web-enabled devices within our homes.
The Internet of Things (IoT) is a hot topic right now, that gets many people excited, but the reality is that a large number of these devices present significant security risks, acting as unwitting gateways to the networks they connect to. From smart TVs and printers through to security cameras, baby monitors, digital radios and even kitchen appliances, there are a growing number of household devices that have the capacity to connect to the Wi-Fi network and, therefore, provide a way in for the hackers.
It’s not uncommon for people to forget that they ever connected certain devices to their network when they initially set them up, and this is the worry.
It’s becoming increasingly clear that many of the devices making up the Internet of Things have unknown bugs in the software that lead to vulnerabilities. Manufacturers of many of these devices are not providing the necessary security updates, some are not reacting adequately when problems are reported and they are either unwilling or unable to resolve the issue.
Essentially, not enough effort is being made to find and fix the bugs in these devices.
But, it’s not just the Internet of Things that’s cause for concern when it comes to the security of home networks. Another part of them problem lies in the behaviour of individuals as well as attitudes towards internet security, which so often reflect complacency. Despite the increasing occurrence of data breaches and cyber-crime that are frequently reported in the news, many of us still fail to take basic steps to protect our networks.
The easiest route, by far, for hackers to gain access to a network is via email and this is often where people get caught out. Malicious email campaigns are often very carefully targeted, with emails appearing to be from people the victim knows, or sources they are likely to respond to. Just because an email looks authentic, doesn’t mean it is.
Individuals need to be vigilant online and wary of opening email attachments.
As a company, one of the best measures you can take to protect your data security is to educate your employees.
Tips for individuals:
• Change default admin names and passwords on the router
• Use different passwords for each account and passwords that are of a good strength, including upper and lower case letters, numbers and symbols
• Turn off Wi-Fi Protected Setup (WPS) as it’s known to be insecure
• Always keep operating systems, browsers and other software up to date on all devices (PCs, laptops, tablets and mobile phones) including those at home – easier said than done when the business doesn’t own or control them!
• Always use professional, business-quality anti-virus software and a firewall and keep these updated
• Always be suspicious of emails bearing attachments, even if they appear to be from people you know
• Turn off web interfaces, where possible, on devices that don’t need to be connected to the network
• When working at home, set the network to “public”, rather than “trusted” as this will provide a greater degree of security
• Do not let door to door sales people or other third parties connect to your home network
Educating your employees will go a long way to mitigating the risks associated with exposing your company to home networks, but it is only part of the solution. When implementing flexible working and BYOD policies, you need to ensure that security is properly planned and managed.
Protecting company devices exposed to home networks
• Insist that company devices be used only for appropriate business purposes
• Consider locking the operating system to prevent individuals from installing their own software – this is increasingly best practice
• Limit the exposure to home networks by restricting the privilege to only those for whom it is necessary
• Install internet filtering software on company devices to prevent individuals from using sites that are inappropriate and potentially dangerous
• Consider having dual-boot areas on company devices, with separate operating systems for business and personal use with a firewall between the two
• Ensure that appropriate, business quality firewalls and anti-virus software and installed and kept up to date on all devices
• Keep operating systems and other software up to date on all company devices
Protecting your network against exposure to personal devices
This is somewhat harder; given that the devices are owned by the individuals, there are restrictions to the level of control that you can reasonably have over them. However, there are still steps that can be taken to protect your business network:
• First and foremost, consider whether it is necessary at all to allow individuals to connect personal devices to your business network. If not, ban or block them.
• Consider disabling the majority of USB ports on devices in your premises, to protect your network against devices brought from employees’ homes into the office
• Set up a separate guest network for employees to use with personal devices
• When implementing a BYOD policy, ensure that you have a policy that is thoroughly thought through, including an acceptable use policy, and ensure that workers are adequately trained so that they understand the issues associated with internet security, as well as what is expected of them
Although it’s clear that home workers, or home networks more specifically, present a risk to your business IT network, the significance of this risk can be reduced by implementing the appropriate measures and ensuring that flexible working and BYOD policies are properly managed.
If you would like further advice on protecting your business IT network, we offer a range of IT consultancy and IT support services.
Contact us today for jargon-free IT advice that’s tailored to the individual needs of your business.
Other Press Releases By This Company
- 15/07/2020 - Why have I not received my email?
- 11/06/2020 - 5 Security Tips When Working From Home
- 11/06/2020 - What is an SLA and Why Should My IT Provider Have One?
- 11/06/2020 - Can You Help Me with Remote Working?
- 26/03/2020 - Remote Working – What You Need to Know
- 17/03/2020 - What Can You Do about the New Phishing Threat?
- 17/03/2020 - The Importance of Online Backup for SMEs
- 17/03/2020 - Is Your IT Support Still Right for Your Business?
- 17/03/2020 - Why You Should be Using 2 Factor Authentication in Your Business Right Now!
- 17/02/2020 - The new security threats
- 06/02/2020 - Quick Guide to Office 365 Security Monitoring
- 27/01/2020 - How Phishing Got Social
- 21/01/2020 - Predictions 2020
- 21/01/2020 - How much should IT support cost?
- 21/01/2020 - Scottish Enterprise Announces Closing Date for Cyber Essentials Voucher Applications
- 21/01/2020 - Unhappy new data breach!
- 19/12/2019 - The 6 questions to ask your IT provider about their own security
- 19/12/2019 - The Cyber Essentials Policies Your Business Needs
- 12/12/2019 - The 6 questions to ask your IT provider about their own security
- 25/11/2019 - The 8 Warning Signs that Indicate You Need to Switch Your IT Provider
- 25/11/2019 - Are you doing enough to protect your staff against Phishing?
- 25/11/2019 - Does Better the Devil You Know Hold True for IT Support?
- 04/11/2019 - Why SMEs Should Get Expert Help with Cyber Security
- 25/10/2019 - Why Are Software Updates (or Patches) So Important?
- 25/10/2019 - Are You Doing Enough to Protect Your Data?
- 07/10/2019 - Want to Get Back to Doing Your Day-Job?
- 06/08/2019 - The Ever-Growing Attack Surface of IoT: Your Questions Answered
- 06/08/2019 - Secure Yourself this Summer! How to Holiday with Peace of Mind
- 06/08/2019 - Going to The Darkside?
- 06/08/2019 - The New Rules for Passwords in 2019
- 04/07/2019 - Outlook – Cloudy
- 04/07/2019 - Doubling up: why two-factor authentication is your next step in digital security
- 04/07/2019 - One Year On from GDPR: What’s Changed?
- 19/06/2019 - Are Your Websites and Applications Secure?
- 10/06/2019 - From Spam to Phish – Cyber Crime on a Plate
- 28/05/2019 - How to Address the Dangers of Personal Devices for Work
- 23/05/2019 - Can Outsourced IT and Internal IT Work Together?
- 26/03/2019 - Are You Doing Enough on Mobile Device Security?
- 26/03/2019 - Office 365 Popularity Grows…as does its potential vulnerability
- 26/03/2019 - The (Free) First Step to Better IT!
- 06/03/2019 - Passwords: Can we live without them?
- 06/03/2019 - How setting up SOPs can help you deal with IT points of failure
- 04/03/2019 - Urgent Call to Action if You Are Using Windows 7
- 04/03/2019 - Windows Server 2008 R2 Approaching End of Life
- 14/01/2019 - Advancing Your IT Strategy: How to Identify Critical Vulnerabilities and Points of Failure
- 08/01/2019 - The Five Vital Components to Think About When Creating a New IT Strategy
- 20/12/2018 - 5 Key Considerations When Implementing Change: How to Shake Up Process Whilst Keeping Your Team On Side.
- 20/12/2018 - The IT Lifecycle and 5 Signs that it’s Time to Upgrade Your Technology
- 04/12/2018 - How Big (or Small) Does Your Organisation Need to Be to Need an IT Strategy?
- 04/12/2018 - Why IT Cannot Be a Reactive Activity
- 22/10/2018 - Everyone Begins Cyber Essentials from a Different Starting Point
- 22/10/2018 - What is an Information Asset Register? And how might it help me be GDPR compliant?
- 15/10/2018 - What NOT to do when you lose your mobile device
- 15/10/2018 - How to ensure the success of your disaster recovery and business continuity plans
- 15/10/2018 - Weighing in on Microsoft’s New Office 365 Subscription Model
- 11/09/2018 - How Do You Stop a Phishing Attack?
- 13/08/2018 - The Beginner’s Guide to Encryption
- 13/08/2018 - GDPR: the aftermath
- 02/08/2018 - Secure Yourself this Summer! How to Holiday with Peace of Mind
- 02/08/2018 - The Right to Be Forgotten – Ongoing Challenges of Data Privacy
- 02/08/2018 - 5 Ways to Use Technology to Increase Efficiency in Your Business
- 03/07/2018 - Don’t Rely on Ethics: Protecting Your Company When You Need to Let Someone Go
- 20/06/2018 - Should You be Switching to Office 365?
- 12/06/2018 - Getting the Best
- 08/06/2018 - Computer Says: User Error
- 01/06/2018 - When is the best time to replace your IT equipment?
- 01/06/2018 - GDPR, Outsourcing and Third-Party Data – What you need to know before the sky falls in this Friday!
- 01/06/2018 - GDPR – the end of the beginning…
- 10/05/2018 - What Is End Point Security and Do I Need It?
- 10/05/2018 - How Can Technology Make Home Working More Productive?
- 12/04/2018 - Malware is Getting Even Smarter. What Can You Do to Protect Your Business?
- 06/04/2018 - Is it Time for an IT Spring Clean?
- 06/04/2018 - GDPR: Do Business Emails Count as ‘Personal Data’?
- 22/03/2018 - Is Employee Absence Affecting Your Business This Winter?
- 22/03/2018 - Best Practice Password Security
- 22/03/2018 - The Dangers of Over-Sharing Online
- 22/03/2018 - How the GDPR can help to re-establish a great relationship with your customers.
- 07/03/2018 - Fed Up of Hearing About GDPR?
- 07/03/2018 - 5 Things Every BYOD Policy Needs
- 22/02/2018 - 6 Things You Can Do This Year to Boost Your IT Performance in 2018
- 22/02/2018 - Could Social Media Be Your Security Weak Spot?
- 07/02/2018 - 6 Things You Can Do This Year to Boost Your IT Performance in 2018
- 05/02/2018 - Why the Carphone Warehouse Data Breach Offers Lessons to us All…
- 29/11/2017 - Are You Adequately Testing your Backup and Recovery Plans?
- 29/11/2017 - Protect your Business, your Clients and your Supply Chain with the UK Government’s Cyber Essentials Security Standard
- 13/11/2017 - The Beginner’s Guide to Cloud Security
- 13/11/2017 - Trick or Treat? What sort of service do you get from your IT provider?
- 13/11/2017 - Strategies for Surviving a Cyber Attack
- 19/10/2017 - Protect Your Business from Insider Attacks
- 10/10/2017 - Customer Satisfaction (CSAT) Results to date – how do you rate us?
- 05/10/2017 - Two Thirds of UK Firms Hiring for GDPR – What are you doing?
- 29/09/2017 - Evidence Suggests Looming GDPR Is Still Being Ignored by British Businesses
- 29/09/2017 - Staff Training: Your First Line of Defence in IT Security
- 29/09/2017 - How Should a Small Business Prioritise IT Spend?
- 05/09/2017 - 4 Benefits of Microsoft SharePoint – What is it and is it relevant to your business or organisation?
- 29/08/2017 - The Impending SME Security Crisis
- 29/08/2017 - Cloud 101: SaaS, PaaS & IaaS Explained
- 17/08/2017 - Comparing the Advantages with the Pitfalls of BYOD
- 27/07/2017 - What is the “right” level of security for my business?
- 27/07/2017 - The 7-Step Plan for Small Businesses for Essential Cyber Security
- 14/07/2017 - An Introduction to GDPR: Give Data Proper Respect!
- 03/07/2017 - You’re Not Too Small to Be a Victim: The Obvious IT Security Fails Small Businesses Can Avoid
- 21/06/2017 - The Rise of Personally-Targeted Spear-Phishing Attacks & How to Defend Yourself From Them…
- 14/06/2017 - Your IT perimeter: where is it and how do you best defend it?
- 05/06/2017 - Is the Password Still Relevant to Control Identity and Access to Your IT Systems and Data?
- 05/06/2017 - Empowering Employees Through Mobilisation
- 22/05/2017 - Is Your Disaster Recovery Plan & Process Up to Scratch?
- 16/05/2017 - How to Protect Your Business Against Cyber-Attacks and Data Theft Wow! Quite a weekend of news around Cyber Security…
- 11/05/2017 - 3 Ways a Small & Medium Business (SMB) Can Benefit From YouTube Content Marketing
- 08/05/2017 - 5 Top Tips for Handling Confidential Information in Your Business
- 26/04/2017 - Support for Windows Vista Comes To An End
- 26/04/2017 - Ten Straightforward Social Media Tips & Tricks
- 27/03/2017 - Cyber Security Experts Warn of Rise in Ransomware
- 22/03/2017 - (Not Always Obvious) Things You Should Look Out for to Avoid Phishing Scams
- 13/03/2017 - 8 Top Tips for Managing a Virtual Work Team
- 06/03/2017 - Top Tips for Making IT Relevant for Your Business
- 27/02/2017 - How Two-Factor Authentication Can Help You Secure Your Business
- 22/02/2017 - How SMEs Can Benefit from Keeping Up to Speed with Mobile Technology
- 14/02/2017 - IoT Security Tips for SMEs
- 07/02/2017 - Is Windows 7 no longer fit for business use?
- 30/01/2017 - How to Combat the ‘Insider Threat’
- 23/01/2017 - How to Use Technology to Attract the Best Talent to Your Business
- 23/01/2017 - 3 Top Tips for Improving Office Connectivity in 2017
- 12/01/2017 - Learning the lessons of 2016: How SMEs can improve their cyber security practices this year
- 12/01/2017 - Its a New Year…Is It Time for a New IT Company In 2017?
- 12/01/2017 - 5 Social Media Trends to Look Out For in 2017
- 19/12/2016 - How to be a Savvy Web User this Christmas
- 12/12/2016 - 5 Signs That Security in Your Business Needs to be Improved
- 06/12/2016 - Why Smart Cities Will Prove to be a Game-Changer for Business, Your Health and Our Humanity
- 30/11/2016 - Grant McGregor Wins SolarWinds MSP Community Partner of the Year!
- 17/11/2016 - Why Centralised Data is Important and the Steps to Take to Protect Your Data
- 07/11/2016 - The ‘Brexit Effect’ on Technology Prices – What does this mean for UK Businesses and Organisations?
- 31/10/2016 - Is Antivirus Still Relevant in a World of Increasing Cyber-Attacks
- 26/10/2016 - 5 Ways to Use Technology to Increase Efficiency in Your Business
- 26/10/2016 - A Guide to MOVEit Transfer
- 10/10/2016 - Why SMEs Should Take Cyber Security Seriously
- 26/09/2016 - The 5 Biggest Vulnerabilities That Scammers Look to Exploit in Small Businesses And Organisations
- 20/09/2016 - Four Top Tips for Reducing IT Expenditure
- 12/09/2016 - How to Spot and Deal with Fake/Scam Emails – 5 Tips to Keep Your Business Safe
- 07/09/2016 - 10 Tips to Get The Most Out of Windows 10
- 30/08/2016 - How Technology Can Help You Grow Your Business
- 25/08/2016 - 6 Vital Reasons You Should Filter Web Traffic Through Your IT Network
- 18/08/2016 - Back to school… already?!
- 03/08/2016 - Six Simple Ways to Seize Control of Your Document Storage
- 19/07/2016 - 5 Practical Steps to Improve IT Security in Your Business
- 06/07/2016 - How to Implement a New IT System with Minimal Disruption
- 01/07/2016 - Reboot, Restore, Revitalise – Need to give your IT a makeover this summer?
- 20/06/2016 - Office 365 – Why your business could be missing out by shunning Apple devices
- 15/06/2016 - How to Manage Business Mobile Devices
- 07/06/2016 - Why Hiring the Right Staff is Vital for SMEs in 2016
- 23/05/2016 - 10 Fundamentals of Using Social Media Effectively for Your Business
- 17/05/2016 - Strengthen your IT team with LOGICnow in your corner…
- 17/05/2016 - Why so-called “CEO Fraud” is so Dangerous to Your Business and How to Avoid It
- 03/05/2016 - How to Protect Your Business from CryptoLocker
- 26/04/2016 - Back to Basics…Is GFI LanGuard Right for Securing Your Business?
- 20/04/2016 - Pulling Together – 5 Key Benefits of Co-sourcing IT Support Services
- 12/04/2016 - Is it Time to Audit Your IT Systems?
- 05/04/2016 - The Three Most Common Access Control Issues
- 30/03/2016 - Which Strategies Are Best to Protect Against Malware?
- 21/03/2016 - Is It Time To Hop Over To A New IT Company This Easter?
- 10/03/2016 - 8 Reasons Why You Might Not Be Receiving Email
- 01/03/2016 - Managing IT Infrastructure & Security
- 22/02/2016 - How to Use IT Strategically in Your Business to Gain a Competitive Advantage
- 18/02/2016 - 10 Things to consider before subscribing to Office 365
- 18/02/2016 - 7 Business Technology Trends for 2016
- 18/02/2016 - What impact will reforms to the Data Protection Act have on your business, and what relevant adjustments are you likely to have to make?
- 18/02/2016 - The Benefits of 24/7 Monitoring of Your Physical and Virtual IT Infrastructure
- 12/02/2016 - Are You Head Over Heels With Your IT Company…Or Have They Left You Broken Hearted?
- 11/02/2016 - What 2015 Taught Us – A Look Back at the Big IT Stories
- 15/12/2015 - How to be a Savvy Web User this Christmas
- 15/12/2015 - Fraud Prevention Seminar is a Virtual Success
- 27/11/2015 - Are You Ready For Employee Absence Affecting Your Business This Winter?
- 20/11/2015 - Security Is No Longer an IT Problem, It Is a Business Issue!
- 13/11/2015 - 7 Essential Reasons To Back-Up Your Laptop
- 13/11/2015 - Apple Announce Microsoft Office for the iPad Pro
- 13/11/2015 - Cyber Security – it won’t happen to me…or will it!
- 10/09/2015 - Top Ten Network Monitoring Benefits
- 10/09/2015 - Email today – is it a blessing or a curse?
- 10/09/2015 - Preventing Shadow IT – Cloud Security Risks & Solutions
- 10/09/2015 - Risky Business – why you shouldn’t store important files locally
- 10/09/2015 - Grant McGregor Ltd Becomes a Microsoft Authorized Education Reseller
- 10/09/2015 - Award Winning Technology from Award Winning People!
- 25/08/2015 - Too Risky to Stay or Leave – Changing Your IT Support Partner
- 16/06/2015 - 8 Reasons to start using Microsoft Publisher today
- 10/06/2015 - Magento Security Breach – the importance of applying your security updates on time
- 09/06/2015 - Cyber Attacks Continue – Make Sure Your Company is Protected
- 09/06/2015 - What do you need to ask yourself before you think about IT change?
- 15/05/2015 - 3 Reasons You Should Add Email Archiving & Retention to Your Email Security Services Today
- 15/05/2015 - 5 Easy Steps to Using Microsoft Excel More Effectively
- 15/05/2015 - Do you Move to Windows 8 or stay with Windows 7 and wait for Windows 10?
- 15/05/2015 - Seven Great New Offerings Contained In Office 365 Cloud Services
- 14/05/2015 - 50,000 Ways to Save Yourself Time When Securing Your IT Network
- 14/05/2015 - Have You Tested Your Company Backup & Restore Process Recently? Perhaps Its Time You Did…