Work From Home Risk Assessment

With the spread of COVID-19 virus worldwide, most of the organizations around the world have taken some steps to reduce the number of employees coming to the office and encourage them to work from home.

Working from home help immensely reduce the spread of the virus, yet it introduces a new risk related to cybersecurity since it relies primarily on technology for being connected with their organizations.

In this article, we will try to list some of the risks that may face the organizations and some mitigation actions to be taken.

  • Insecure home internet, this related to the internet used to connect to the organization from home. If the internet is not secure enough by applying a strong encryption system, the communication might be intercepted and read by malicious users.
    • Recommendations provide awareness to employees on how to ensure using a reliable and secure internet at home. For example, making sure that the internet home router is configured with a WPA2 encryption system.
  • Missing key patches and updates, PCs outside the work environment may not be reachable by deployment systems.
    • Recommendations ensure employees understand the importance of accepting new patches and updates to cover any discovered vulnerabilities.
  • Social engineering, in such times hackers exploit people panic of the virus and use it in their attacks.
    • Recommendations, train employees of how to defend themselves from social engineering attacks such as phishing, vishing, farming, etc.
  • Posting sensitive information on social media, this period is chaptalized by the excessive use of social media. The probability of sharing sensitive information is high.
    • Recommendations, employees to be reminded with the company acceptable use policy and be trained on applying common sense on what should be shared publicly and what shouldn’t.
  • An Unstable network, network at home is not as stable as it is at work which will impact the quality of work performed at home.
    • Recommendations ensure having the internet back from different ISP and better to be different technology. For example, ADSL and 4G.
  • Hardware/Software failure, working from outside the office will make it harder for employees to get quick support on issues faced their computers.
    • Recommendations develop a remote support strategy to aid employees to get rapid solutions when facing issues related to their devices.
  • Exposed to Malware, work from home will increase the exposure of being infected with Malware, Trojan, etc.
    • Recommendations increase users’ awareness of the importance of getting their devices up to date and being able to apply personal judgment on suspicious activities.  
  • Loose control of some standards, someactivities are in loose control when practiced at home. For example, clean disk policy assures securing information in physical form. This cannot be assured at home.
    • Recommendations increase awareness of employees (via logon banners, emails, etc..) especially these days with what behavior should be expected from them when working from home.
  • Difficulty in performing some activities that require physical interactions, some activities like signing papers require physical interactions. This will constitute a risk for people to go to the office to get it done.
    • Recommendations establish a digital signature system. This will not only require internal alignment but will also liaison with key business partners. Some banks are already using the digital signature system.

By Ashraf Abd ElHamid
IT and Cyber Security Consultant at iExperts

Click to rate this post!
[Total: 1 Average: 5]