After Corona: more home office desired - more IT security required

41 percent of employees currently work from home. This is a result of the Eset-Study "Changing the world of work through Corona". But what will things look like after the Corona crisis? According to the survey, 68 percent of employees would like to see a relaxation of presence regulations. They either want to work from home at least one day a week (29 percent) or be able to decide flexibly whether they work in their home office or in the office (31 percent). 8 percent of employees can even imagine a working life without a fixed workplace in the company building. A more digitized work environment ultimately means putting IT security back on the corporate agenda as quickly as possible so that home offices do not become "Trojan horses" for the protection of company data. Here, too, the study shows a great need to catch up after the crisis.

"When it comes to IT security, we still see a serious need for companies to catch up," explains Holger Suhl, Country Manager DACH at Eset. "Not even one in three has received full technical equipment and IT guidelines from their employer for work at home, and 14 percent use their private devices for professional purposes - a GAU not only from a data security perspective."

Equipment for working from home often inadequate

Almost half of employees (41 percent) currently work from home. Of these, nearly 70 percent were first sent to the home office as a result of the current situation. "Infrastructures had to be created from one day to the next that allow employees to work at home. Improvising was on the agenda. We need to put this on a stable footing for the future," says Suhl.

Only 27 percent of respondents were provided by their employer with complete technology and behavioral guidelines for working in a home office. A quarter have not been given an IT guide on what to look for in a home office. "The results are frightening. Especially the use of VPN software as well as multi-factor authentication is essential to ensure the reliability of the corporate network. In this situation, user name and password are no longer sufficient by far," explains Holger Suhl. Surprisingly, around 30 percent of respondents have not received any technical equipment at all (16 percent) or use their private devices for business purposes (14 percent). "With a view to data security and the security of the corporate network, this is grossly negligent. In the event of damage, it is doubtful whether cyber insurance, for example, will cover this."

And after the crisis?

According to the survey, almost one in three would like to return to the office permanently after the end of the Corona crisis. A full 8 percent do not want to return to the office at all. Sixty percent of employees would like to see the rules relaxed. They either want to work from home at least one day a week (29 percent) or have the flexibility to decide whether to work from home or in the office (31 percent). "Companies that were strictly against home office before Corona will have to rethink in the future and grant their employees flexible working models. After a good month in the home office, it is time to focus on securing workplaces at home. Secure access to the company network through multi-factor authentication is elementary here," says Suhl.  Source: Eset

About the survey: For the Eset study "Changing the world of work through Corona", an online survey was conducted by YouGov Deutschland GmbH, in which 2,045 people participated in the period from 07.04.2020 to 09.04.2020. The results were weighted and are representative of the population in the DACH region aged 18 and over, according to Eset.

Home office: What security vulnerabilities lurk?

Anyone working within their own four walls should be aware of security vulnerabilities. Two experts from Eco, the Internet industry association, give five tips for secure work in the home office.

Safe workplace: The basis is a stable network connection via the password-protected WLAN at home. Employees can access the company network via VPN (Virtual Private Network). Data can also be exchanged with colleagues, customers and partners via secure data rooms in the cloud. There, documents can also be securely edited together with colleagues.

Strictly separate private and business hardware: If possible, one should only use the company laptop to connect to the IT systems of one's company. Or one works with the private computer in the browser on securely configured virtual machines (VMs) that do not allow any data exchange between private PC and VMs. Private devices such as smartphones, USB sticks or external hard drives should not be connected to the company computer. Conversely, you should not install and use the usual company applications on your private computer without the boss's approval.

Choose safe applications: As mentioned, for work in the home office, the security systems provided, such as VPN client and virtual machines (VM), should always be used. Software for private users may only be used for business purposes if the IT department expressly agrees. Many data transfer and conferencing services for private individuals do not meet the minimum requirements for data protection and IT security, which are of key importance for some companies.

Beware of phishing emails: Cybercriminals are currently sending out many phishing emails containing supposed news about the Corona crisis. However great the interest, it is better to check the sender's address and the content of each e-mail twice. If in doubt, do not click on links or open attachments. It is better to forward one too many e-mails to IT for checking instead of catching malware.

Secure online in the home office: The company computer should only be used alone and passwords should never be passed on to family members, friends or work colleagues. Anyone who is not working on their computer should lock it. Even in the home office, do not visit websites that could pose a security risk. You should also take browser warnings seriously.

Source: eco - Internet Industry Association