With organizations allowing unrestricted internet access, high-volumes of corporate data is being left vulnerable to cyber-criminals on the lookout for employees with lax security habits to exploit. This kind of behavior is not only a colossal waste of UK productivity, but also a cybersecurity nightmare that could leave an abundance of confidential files in the wrong hands.
The bad influence of digital transformation
Technology has transformed our lives dramatically over the last twenty years, from how we purchase goods to how we consume media platforms. Never have we had such easy access to a vast, far-reaching world of information and entertainment through the internet.
However, for all the benefits that these improvements have gifted us, in terms of convenience and quality, it has also revealed some very modern challenges for businesses.
People in the UK are spending more time than ever accessing risky materials online and this has inevitably transcended into the workplace. These websites represent a major threat to cybersecurity because they are often plagued with downloadable materials and adverts that are embedded with viruses and other harmful malware.
For example, experts have recently warned the millions of Pornhub users to be careful, after it emerged that cyber-criminals were targeting the website with a highly dangerous ‘Kotver malware’ that was cleverly masked through pop-up ads. This use of ‘malvertising’ on legitimate websites has become incredibly popular among hackers and accessing these materials within the workplace can be catastrophic, leaving company networks far more susceptible to phishing scams and viruses, which can be incredibly costly to remediate.
There are plenty of examples of this risk becoming a reality. 2017 saw a host of devastating cyber-attacks on major companies such as Deloitte and Equifax, as hackers stole information about thousands of customers. The thought of confidential documents and people’s personal details getting into the wrong hands is a harrowing one, and it’s likely to become a far greater issue in 2018. Companies that allow their staff unrestricted access to the internet are in grave danger of placing their names next on the list of victims.
Putting data and corporate integrity first
According to respondents of a survey conducted of 600 IT decision makers by OneLogin in January, 67% of businesses neglect to invest in single sign-on (SSO) solutions, and 54% don’t use a domain name filtering system. To avoid a descent into the further chaos that hacks create, businesses need to focus their attention on controlling the content that is being accessed via the corporate network and evolve cybersecurity strategies to reflect modern employee needs.
Such SSO solutions, for example, help to keep information secure by using policy-driven password security and multi-factor authentication to ensure that only authorized users have access to sensitive data, while domain name filtering blocks access to potentially dangerous websites based on a business’s specific criteria.
Businesses must prioritize training to educate their employees on the hazardous consequences of high-risk websites and raise awareness of the issue throughout the organization. With the most common form of successful cyber-attacks arising from phishing emails, businesses must conduct regular employee phishing assessments. This enables businesses to identify who in their organization is most liable to click on harmful emails, and help those who aren’t as tech-savvy to be aware of what exactly a phishing email is.
Yet worryingly, nearly two thirds (62%) of the study respondents admitted their business fails to conduct employee phishing assessments, and more than a third (36%) don’t invest in security education.
Despite cybersecurity posing itself as one of the main threats facing businesses in 2018, companies are still failing to properly enforce sanctions on internet access in the workplace. So, ensure that your business is implementing these measures to stop high-risk websites being your downfall.