Work-from-home status has become a reality for most employees. For employers, this means learning to mitigate a constantly evolving cybersecurity landscape. It’s challenging enough to try to monitor employee use of corporate devices remotely from home, let alone manage employees using personal devices for remote corporate work (also referred to as BYOD: bring your own device).
In the presence of this new cybersecurity landscape, a company called NetMotion found definitively that remote workers are visiting more ‘risky’ websites while working from home, compared with pre-COVID device activity in the corporate office place.
Essentially, take workers away from corporate leadership and supervision, and the visitation to risky sites increased tenfold. In a recent study completed by NetMotion, which collected a sample of anonymized network traffic data and searched specifically for evidence of users attempting to access risky content (aka “flagged” or “blocked” content), the analysis found that employees clicked 76,440 risky links over a month-long period. To be categorized as “risky”, the link had to have taken the employee to a potentially dangerous website.
What’s more: all of these links were accessed from work-assigned devices — not exactly building confidence among employees forced to allow remote work in the face of COVID-19. Among these links clicked, the study defined the main accessed areas of risk as follows: botnets, malware sites, spam and adware, phishing and fraud, and ‘other’.
Key Findings by NetMotion Study:
- On average, employees interact with 8.5 unsafe URLs per day or 59 per week.
- Remote workers access around 31 malware sites per month and 10 phishing domains.
- The most common types of high-risk URLs access (in order of access rate): 1) botnets, 2) malware sites, 3) spam and adware, and 4) phishing and fraud sites.
- Over 25% of the high-risk URLs visited by employees were related to botnets.
- Nearly 20% of risky links led to sites containing spam, adware, or malware.
- Against common assumptions, phishing and fraud only accounted for 4% of the URLs visited.
- ‘Other’ (51% of the data) equals low-risk content (i.e., websites that use proxies, translations, and other methods that circumvent URL filtering and monitoring).
2020 has been a stark reminder to IT and security teams of the risks that come along with a shift to a mobile and remote work environment. Remote work is no longer just a “riskier option” that some companies wish to employ; it’s becoming a necessary reality for most companies. In the face of this reality, IT and security teams are pivoting and shifting their services to support businesses and their employees now working remotely fully.
The study by NetMotion highlights the uncontrollable risk of employees working remotely: with increased flexibility and decreased monitoring, employees are accessing higher risk content and putting entire organizations at greater risk. It also highlights that most organizations are not adequately monitoring (or monitoring at all). Meaning, if employees are accessing risky content on corporate devices from an external home network, the organization is not tracking this activity.
As a result of this shift, leaders at organizations need to be leaning on their IT departments or outside IT companies for additional support: do not wait until there has been a significant and detrimental security breach. PK Tech works with security leaders in order to provide cutting edge solutions to combat a shifting cybersecurity environment for many organizations.
If your business is aware that they need more IT security support than they are currently receiving, reach out to PK Tech. Contact us here.
*Data Source: The analysis above was completed by NetMotion and is based on aggregated data sourced from anonymized network traffic over 30 days from May 21st to June 19th, 2020. The search returned a pool of 76,440 URLs associated with flagged (or blocked) URLs, otherwise known as ‘risky content.’ Original article source linked here.