If the past year has taught us anything, it’s that work doesn’t necessarily require a ‘workplace’ or a nine to five day. The most resilient businesses have embraced our new found flexibility; staff are happier and, according to recent studies, productivity is higher.
A ‘security first’ culture is a must for a remote workforce. While we’re working from home offices, on the go, and across multiple devices, employees must be empowered with the right tools and information to protect their organization’s data.
In a recent study carried out in collaboration with IT platform, AG Connect, we surveyed nearly 500 IT professionals to investigate the top security challenges facing organizations as they adapt to a remote working culture.
What did we learn?
46% of respondents claim that more emails are being sent with an increase in remote working; preventing data leaks is acknowledged by 74% of respondents as being the largest challenge with remote working.
Additionally, security awareness among employees urgently requires attention, with nearly 72% of respondents stating that the awareness amongst their employees is one of the main challenges with remote working.
This year, it is predicted that $150 billion will be spent worldwide on information security and risk management. However, traditional security solutions and training focuses primarily on incoming attacks issues which, in reality, account for less than 20% of reported data leaks.
In fact, our survey showed that despite 80-90% of data leaks occurring in outbound communications, a staggering 70% of respondents are unconcerned by the information being shared within their organization.
Why is your security strategy failing your workforce?
Security is often considered a tick-in-a-box procedure by management and employees alike; a practice in achieving compliance, but little else.
Employees want to be able to do their jobs, without being hindered by security protocols, procedures and platforms. If security becomes too big of a hurdle, it will become a second priority to day to day tasks and workflows - and that’s how mistakes happen.
Why we’re turned off by training
Raising security awareness across a remote workforce is a priority for the majority of survey respondents. Naturally, compulsory training seems to fill that gap.
However, studies show that cyber security training is effective for just four to six months before it must be repeated. Cyber security training needs to fight hard to keep our attention; we’ve got one eye on our inbox and the other is watching the minutes tick by until our next meeting.
Compulsory training is delivered not to educate, but to meet compliance, resulting in a human-error shaped hole in the curriculum. Instead, organizations must leverage innovative new technologies which simultaneously educate and counter mistakes in real time.
Security risks are still misunderstood
According to 75% of respondents, hacking, malware and phishing are primary threats to their data. However, 80% of data incidents reported to the ICO last year were caused by human error. Emails sent to the wrong person, misuse of BCC, incorrect or missing attachments; these are small mistakes with the biggest consequences. And yet, traditional cyber security solutions fail to address this issue.
According to IBM and Ponemon's Cost of a Data Breach study, security automation (utilizing technologies such as artificial intelligence, analytics, and automated orchestration) is most effective at mitigating data breach costs. Today, technology can do the hard work for your people, enabling time-poor employees to get on with their days, safe in the knowledge that machine learning and pre-set business rules are working in the background to protect their data.
So what’s the solution?
The answer is new generation solutions, designed to empower people with tools to protect data with little to no disruption to existing workflows.
There is a new breed of email security technology designed to protect organizations from human error in real-time, instilling best practice, raising awareness, and preventing data breaches in outbound email.
With Zivver, users can:
- Act on real-time automated notifications regarding incorrect recipients, sensitive data, missing attachments and more, before hitting ‘send’
- Ensure only the intended recipients access emails and files with 2FA
- Transfer up to 5TB files within their email client
- Retract and set expiration periods on emails after sending
- Enable external stakeholders to access emails and files, and send secure messages, without having to create a Zivver account
Launch a new organization-wide culture of email security as standard with Zivver. Get in touch to learn more.