Return to Office Causes Data Security Stir

Return to Office Causes Data Security Stir

By Greg Tavarez

Cyber threats affect organizations of all sizes. When a cyber threat does reach its target and causes a cyber breach, the finger is usually pointed at the lack of cybersecurity solutions in place. That’s true to an extent. But human error is also a big factor.

In fact, according to a Verizon report, 82% of data breaches are caused by human error, and companies of all sizes are at risk because of it. A few examples of human error instances include the Uber, Rockstar and Dropbox data breaches in 2022.

These “bigger” companies might be more rewarding targets for bad actors, but that does not rule out the possibility of smaller organizations becoming victims of cyberattacks, especially as employees return to the office. That is why, according to Adastra, more than three-fourths of business managers expect their organizations to experience a data breach in the next three years.

“The results of this survey should serve as a reminder that companies of all sizes must invest in data security protection, resources and education, particularly as we return to in-office activities,” said Kuljit Chahal, practice lead, data security at Adastra North America. “During the pandemic, many employees were hired virtually and, in combination with long absences from offices, introductions to and re-familiarization with security protocols will be critical.”

Taking Chahal’s advice on investing in data security protection, 68% of managers surveyed say their companies have a cybersecurity division and a further 18% report they are in the process of creating one.

“The increase in data breach incidents across North America is troubling and must be prioritized as employees continue to return in-person to their corporate offices,” said Chahal.

Security enhancements are provided by Adastra to help organizations bolster security as employees return to the office. Among them are tips commonly known such as deleting redundant data, having a data backup plan, establishing two-factor authentication, implementing early detection systems and updating computer programs with the latest security features. Pretty standard practices that are preached often.

Practices that organizations may not be as familiar with include:

  • Keeping employees informed with cybersecurity education. Employees who go through regular phishing tests may be less likely to engage with malicious actors over email or text messaging.
  • Establishing processes for provisioning and de-provisioning user access with approvals, reports and regular attestations to limit what an attacker may be able to access in the event of compromised credentials.
  • Hiring a third-party company to assess the organization’s security posture. This provides a clearer picture of strengths and weaknesses and a roadmap to address greatest vulnerabilities.
  • Reinforcing clean desk policies and reviewing physical access controls, including access to secure areas. As employees return to the office, this practice is encouraged to ensure assets are not stolen or lost. Work-from-home employees who have company assets should be routinely educated on keeping those assets secure while at home as they would in the office.

More employees are returning to the office, but this does not mean companies should relax on security measures. Invest in security protection and ensure the company does not become a victim of a future cyberattack.

Edited by Greg Tavarez
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

Say Goodbye to Passwords: 1Password Unveils Two Passkey Innovations

By: Greg Tavarez    6/9/2023

1Password now offers customers the ability to save and sign into online accounts with passkeys as well as unlocking 1Password accounts with a passkey.

Read More

Industrial Cybersecurity Transformed: Secureworks Launches Integrated MDR Solution for OT and IT

By: Greg Tavarez    6/8/2023

Secureworks announced two new offerings to unify the way industrial organizations prevent, detect and respond to threats across the OT and IT landscap…

Read More

K8 Notifier: A New Twist on Cloud Cybersecurity

By: Matthew Vulpis    6/8/2023

K8 Notifer can create a suite of alerts for MSP to detect suspicious activity in the configuration and patterns of their and their customers cloud ser…

Read More

Impossible Cloud Paves Way with New Program in the Web3 Era

By: Greg Tavarez    6/8/2023

Impossible Cloud's Partner Program allows partners and resellers to seamlessly implement, demo and integrate its efficient, performance-driven solutio…

Read More

CrowdStrike Empowers Next-Gen Cybersecurity with Generative AI

By: Stefania Viscusi    6/8/2023

Security company CrowdStrike unveiled Charlotte AI, a new generative AI cybersecurity that will help to democratize security and empower users of the …

Read More