New research from Avast has found that security concerns among IT decision-makers (ITDM) in small and medium-sized businesses have grown since the start of the Covid-19 pandemic by 56%. The more employees, the more ITDM’s security concerns have grown. In businesses with 2-5 employees, 32% of ITDMs are more concerned since Covid, and the number grows to 76% in SMBs with 100-300 employees.
Percentage of ITDMs with more security concerns since the start of the Covid pandemic, per business size:
• 2-5 employees: 32%
• 6-10 employees: 55%
• 11-49 employees: 58%
• 50-99 employees: 68%
• 100-300 employees: 76%
The growth in employees working from home as a result of the pandemic is one of the main drivers for this level of concern. Covid-19 has completely reshaped the way companies, and their employees work. With the majority of the workforce now working remotely, the network perimeter has significantly widened and helping to secure that perimeter has now become a top strategic priority for many businesses.
Of the ITDMs surveyed in this study, 59% noted they found it difficult to keep up with securing employee devices while working from home. At the same time, 56% noted it is difficult to keep employees educated about cyber risks and how to avoid them while working from home.
“The last 18 months have been incredibly challenging for SMBs, and many have done well to adapt so quickly to changing working patterns as well as ensuring their employees can continue working as much as possible. IT decision-makers have had a tough job managing their workforce and keeping their business’ infrastructure intact and secure,” commented Marc Botham, VP Worldwide Channel & Alliances at Avast. “ It’s clear hybrid working patterns are here to stay, and as every device can be an entry point to the corporate network, SMBs need to develop a robust and comprehensive approach to cyber security. This doesn’t always have to be managed in-house, as professionally managed service providers can help manage and secure SMBs’ infrastructures remotely.”
Changes in remote working
Prior to the pandemic, 22% of SMB workers worked, and 27% of SMB ITDMs worked from home. Unsurprisingly, these numbers have grown in the last year, with SMB workers more than twice as likely (64%) to have been working from home in the last year than they had pre-covid.
Uniquely, working from home has not been consistent across countries, even with the pandemic impacting decisions. Over the past year, working from home has been much more common in the UK than in Germany - 64% of SMB workers worked from home over the past year in the UK compared to 44% in Germany. For ITDM, often in charge of on-site tasks, these figures were lower, at 57% in the UK vs 36% in Germany.
Challenges to address
When asked about some of the challenges and concerns related to employees working remotely, five main concerns emerged:
• More employees working on unsecured internet connections – a concern for 40%
• It is harder to manage security on employees’ devices remotely when they are working from home – a concern for 40%
• Employees using personal devices that have no security controls on them to connect to the IT network – a concern for 31%
• Employees working from home are less careful about what they do online, e.g. what they download – a concern for 34%
• Employees working from home means we have less visibility of our IT systems – a concern for 30%
Cybercriminals have taken advantage of the pandemic, with a 24% year over year increase of business users encountering a cyber threat observed by Avast. Avast has seen an increase of 20% of ransomware attacks worldwide at the beginning of the pandemic. For example, with home office work, the Remote Desktop Protocol in conjunction with easy-to-guess passwords has become a popular attack vector.
Despite the challenges and the growth in concern amongst ITDMs, SMB workers have encouragement for their ITDM colleagues, with 75% noting their company did a good job of securing employees to work remotely during the Covid-19 pandemic. Further, 66% of workers agreed their company had learnt valuable lessons about running a remote workforce because of Covid.