How has COVID-19 Impacted Cybersecurity? 5 May 2021
Over the last 12 months, the coronavirus pandemic has added many new aspects to both our home and working lives. And, for businesses and IT professionals, these have included new variables to how data and data security are managed on a corporate level.
With restrictions lifting and businesses considering a return of their employees to the office, many are turning their attention to cybersecurity. Just how much risk did companies have to expose their data to in order to adapt to these unprecedented working conditions?
CISO Talks is a weekly podcast tailored for fellow CISOs (chief information security officers) and IT professionals. Our partners, WhiteCanyon, were invited onto the show to discuss how certain scenarios, changes, and trends are shaping the role as well as the cybersecurity industry.
You can listen to the episode here.
The Impact of Covid
Quite simply, coronavirus changed everything for companies and on a global scale, too. Large corporations went from spending millions of pound protecting their corporate networks from cyberattacks to having around 95% of their workforce working remotely at home in the space of two weeks. And, small companies were equally affected.
All companies responded quickly to keep their industry turning and, more importantly, keep their only finances ticking over. They took whatever measures were necessary to allow their employees to carry on and to adapt to their remote working environments. But, what was more concerning was that all these people were now relying on their personal wifi networks to do so.
What did this mean for data security?
The most common response was to send employees home and to allow them to access the company’s data through a VPN tunnel. Those who had portable work devices took these home; however, many employees moved to a home device. Most corporations did not have enough laptops and computers in order to assign work devices to everyone.
With hindsight, there are two worrying issues with accessing company data on home devices via a VPN tunnel.
Using a VPN Tunnel
A VPN tunnel is a virtual private network. It allows a private network, such as a company network, to extend across public networks. The user can send and receive data across shared or public network as if it were directly connected to the private network.
With employees now accessing confidential and sensitive company data at home, the risk lies not with their home devices. It was extremely difficult to control where this data was going. While working remotely, data may have been saved on a home device, meaning there is a trace of data here. Even if the user deleted the files after use, professional hackers and technology could still recover this information unless a thorough wipe was carried out.
Using a Home Device
Company computers and devices are fitted with intrusion detection alerts and the latest internet security software. In larger corporations, there are whole departments dedicated to maintaining all devices to help mitigate any cybersecurity threats.
In comparison, a home laptop does not receive the same attention. In the large majority of cases, these devices do not have the same intrusion detection alerts or security software. Therefore, each home device that was accessing the VPN tunnel was a potential weak point and target for hackers.
Due to the coronavirus pandemic, all this data is out there. The impact of and reaction to covid came about so quickly that these security concerns became an afterthought. Data security officers are now concerned that this period will come back to haunt companies in the future. With the vulnerabilities now in place, lots of organisations are currently working hard to protect themselves in addressing these concerns.
All companies have a disaster recovery plan in place; however, there are more concerns whether these took into account a situation such as a coronavirus pandemic. Our reliance on traditional security has been shown up during this time. We need to start thinking about data and data security in a different way.
No matter how you look at it, it is an impossible situation in every context, and regardless of your industry.
Some organisations already had remote teams with assigned laptops and VPN tunnels set up and were, consequently, in a safer place when the coronavirus struck. Their challenge lay in increasing their remote working sphere to accommodate their in-house teams.
The way the coronavirus pandemic has caused businesses to stretch themselves to allow and manage a remote team is a huge positive. The possible vulnerabilities that have happened along the way are very much a negative effect.
Information security threats have increased around 45% since the beginning of the pandemic. The nature of some of these threats have changed, and now especially phishing preys on corporations vulnerabilities. There is no doubt about it a very damaging time. And, some cybercriminals have made the most of the chaos that the pandemic has caused.
The value of data is what drives all of this.
The threat of cybersecurity is only going to increase, so the best thing your company can do is to focus on ways and software you can use to reach all your employees’ devices. With workers now returning to the office, it may be worth considering data wiping to sanitise all devices that have been used remotely.
For doubt-free data wiping, we recommend WipeDrive. WipeDrive is the market-leading software that is 100% guaranteed to remove all traces of your data from a device, making it impossible to restore. By using military-grade wiping patterns, WipeDrive can wipe everything from data to programmes and even the operating system.
If you would like more information about WipeDrive and how it could work in your company, get in touch with our Sales Team today. Call us on 0345 340 3105 or fill out the enquiry form on our website here.