Brian Wallace, Founder & President, NowSourcing
In 2020, 62% of Americans worked from home. While remote work has increased productivity, lowered office costs, and alleviated community stress for many, the rapid shift brought new cybersecurity concerns. The COVID-19 pandemic prompted a new wave of security concerns almost overnight, and cyber attacks have skyrocketed. In early 2020, the FBI reported a 300% increase in cybercrime. Attacks targeting remote workers grew 5x in the first 6 weeks of lockdown, and 20% of organizations experienced a data breach linked to remote workers. Phishing increased by 600%, ransomware by 148%, and malware activity by 128%.
The top security concerns about remote work are as follows: 45% of devices may be more exposed at home, individuals may have difficulty managing new devices using remote work resources, and IT support is not as effective for remote work. Cybercriminals will continue to target remote employees using social engineering attacks, vulnerable devices and IoT, and unsecured home Wi-Fi networks. Additionally, data breaches may take longer to detect due to increased remote work.
Organizations were forced to transition to remote work with little preparation and no in-person support. Now they must find a way to reduce risk without compromising productivity. Multi-factor authentication (MFA), combining a password with other authentication methods, is almost the answer. Additional authentication measures might slow a hacker down, but they won’t keep your data secure. Passwords that can easily be guessed or harvested from a previous breach, security questions that can be answered based on social media or public records, and one-time codes sent by SMS that can easily be intercepted by hackers are all factors that make MFA easy to breach.
Additionally, MFA increased employee frustration. One-time codes slow down logins and require a secondary device on hand. Passwords and security questions are easily forgotten and need to be reset. The frustration associated with multi-factor authentication is likely to lower employees’ compliance with other security procedures. While many companies may default to outdated solutions, such as MFA, we know that the only true security solution lies in passwordless authentication.
Move beyond passwords through passwordless security. This eliminates the need for passwords completely, replacing them with secure cryptography and biometrics. Risk-based authorization checks risk signals from every user and device to enforce stronger access control. Password-less security also creates a secure and frictionless login without a second device or out-of-band message that could be intercepted by a hacker. Invest in password-less authentication and access control for the work from home future.
About the Author: Brian Wallace is the Founder and President of NowSourcing, an industry leading infographic design agency in Louisville, KY and Cincinnati, OH which works with companies ranging from startups to Fortune 500s. Brian runs #LinkedInLocal events, hosts the Next Action Podcast, and has been named a Google Small Business Adviser for 2016-present. Follow Brian Wallace on Linked