Since 2020, we’ve seen a dramatic increase in the number of employees working from home. Sixty-two percent of Americans worked from home in 2020, with 49% doing so for the very first time. While this is an enjoyable and positive shift in many ways, there are now new problems facing companies and their employees in the realm of cybersecurity. In the first 6 weeks of lockdown, employees saw cyberattacks increase by 5x. These attacks were specifically targeting remote workers. Twenty percent of companies also report security breaches that were linked back to remote employees. The FBI reported a 300% increase in cyberattacks at the beginning of 2020. Overall, cyberattacks skyrocketed in 2020. Phishing was up by 600%, ransomware by 148%, malware activity was up by 128%, botnet traffic saw a 29% increase, and attacks on IOT devices were up by 13%.
Q1 2021 hedge fund letters, conferences and more
These new security vulnerabilities are caused by new variables such as employees using their own devices, rather than company-issued ones. Remote work also on video conferencing and collaboration tools that are easily hacked. Home networks are another issue as they often are unsecured or spotty, which also makes them more vulnerable. Lastly, company's implemented security was not designed to handle the capacity of remote access that it has faced since the beginning of the COVID pandemic. Another issue is that, with so many employees working from home for the first time, only 20% received any security tips from their employers, yet 75% of employees are likely to follow security protocols given by employers. Employers need to take the necessary steps to give those directives to their remote workers.
Passwordless Security Systems Can Improve Remote Work Security
The answers to these security issues are almost about to be found with multi-factor authentication (MFA), but not quite. Although MFA prevents 95% of bulk phishing attempts and over 75% of targeted attacks, it’s not a perfect system. MFA systems are still fairly easily hacked. Users fail to select strong passwords and many answers to security questions can be gleaned from social media.
The better way to ensure cybersecurity is by removing passwords altogether. Passwordless security systems replace passwords with biometrics and cryptography. They also used a risk-based authorization which checks the signals from every user and every device. It creates a security and frictionless login without any interceptable messages.
Passwordless security is the cybersecurity we need to meet the new demands of how we operate our businesses.
Infographic source: Beyond Indentity
