WFH

Remote Work and IoT Devices Create At-Home Vulnerabilities

An Unsafe Connection

While forced remote work was caused in great part by pandemic-driven lockdowns in 2020 and 2021, working from home has become a much-preferred style for many. 

Reduced commutes and more comfortable work environments are just two of the reasons working from home (WFH) is a desirable situation. In fact, according to recent Pew Research, 76% of employees who are currently working remotely cite personal preference as their primary reason for doing so. 

However, it’s not all roses. 

While it’s a safe assumption to say that working from home is the new normal, there are still some gaping vulnerabilities in myriad remote work setups. As Mike Greene reflects in IoT For All, many employees are still reeling from the rapidity of the initial shift – both corporations and individuals scrambled to ensure everyone and everything was connected. Even for companies for whom security had been paramount in their offices and physical locations, WFH security was a challenge to lock down, especially so quickly. 

Now, it’s an ongoing issue, lurking in the background of many homes.

Remote work introduces new security concerns. Our digitally connected homes mean that we are sharing devices for both personal and professional tasks, using poorly secured WiFi connections, and staying connected to our family IoT devices, from baby monitors to smart fridges. 

What can be done? 

Especially when it comes to IoT devices, like Alexas, doorbell cams and security systems, and smartwatches, there are unexpected vulnerabilities when too many devices are connected. 

If you have employees working remotely, it is the responsibility of the company and of the individual to lock down secure ways of accessing business accounts and data from home. Here are several ways you can establish strong cyber defenses from home: 

1. Establish Good Password Policies 

Do not reuse or share passwords–these bad habits can very easily lead to compromised credentials and provide cybercriminals with an easy access point.

2. Scan for Compromised Credentials 

One of the most effective steps a company can take is to, network-wide, deploy technology company that automates the detection and prevention of compromised credentials

3. Re-train Employees on Remote Security 

Take the opportunity to share information with employees who are working remotely, and educate them on home network risks. Consider including information specifically relating to families, as devices belonging to children can often be easily hacked.

4. Stay Alert 

Keep a sharp eye out for potential remote-specific phishing scams that take advantage of the increased use of Slack, Zoom, and Teams. 

The intersection of increased rates of remote work, and the ubiquity of IoT devices in both work and home, means that the security concerns are already upon us. It’s a crucial moment for businesses to consider where they will invest both time and budget. 

As we all establish new habits, invest in new devices and software for our working lives, businesses should inspect all their options, especially the ones related to security. 

Greene writes, “organizations will have to determine their acceptable tolerance level between keeping the business running and minimizing friction without exposing the company to a host of security issues.” And he’s right: there are many decisions to be made, sooner rather than later, to protect the business as well as the employees.