1-fifth of remote employees in the UK recycle their get the job done email or password to log into shopper sites and apps, these kinds of as online purchasing and even dating, escalating the risk of their corporate credentials getting stolen. This is according to Ivanti’s Secure Shopper Cyber Report, which surveyed 1000 UK dwelling workers about their cybersecurity behaviors.
The analysis discovered that bad cybersecurity practices by household workers are widespread, which is putting businesses at greater risk of cyber-attacks. Above a third (39.93%) of all those surveyed explained they were being authorized to use private products, this kind of as laptops, smartphones, tablets or smartwatches to entry enterprise programs and networks. Despite this, practically 50 percent (47.87) admitted they have not set up two-factor authentication for wise units in their households.
The report also indicated that organizations have not adequately tailored their security strategies to a distant functioning product, practically a 12 months due to the fact the start out of the COVID-19 pandemic. All around a person-3rd of UK shoppers claimed their corporation does not demand them to use a protected accessibility instrument, these types of as a VPN, whilst around a quarter of US and UK remote staff surveyed claimed that their employer does not involve them to update their password each six months or use a one-time password generator.
Nigel Seddon, VP EMEA West at Ivanti, commented: “The weak security hygiene and shortfalls in organization security emphasized by the report are creating a great storm for cyber-criminals seeking to choose edge of people doing the job from home. By reusing passwords and failing to implement corporate workspace segregation procedures and multi-factor authentication, organizations are escalating their risk of slipping target to credential stuffing attacks.
“Given that there has been a current maximize in the number of knowledge breaches targeting customer-dependent organizations and online communities, it is incredibly likely that organization email and passwords are currently exposed on the dark web. Providers across all industries will have to apply a zero-rely on design to be certain that entities accessing corporate info, applications or networks are valid and not applying stolen credentials.”
Some components of this posting are sourced from: