Home office – a security risk for company data?
Home office – a security risk for company data?

Working from home or hybrid forms of this will continue to play a major role in many companies in the future and define a new standard. But what risks does working from home entail and how can these be minimized?
Of course, the ideal is for every employee to have their own office at home with perfect facilities. However, this is often not the case. Not only are kindergarten and school children sometimes also in the “home office”, but also weak Wi-Fi signals or a lack of space make this wishful thinking impossible. However, if a professional workplace is not available in the home office, a professional and safety-conscious way of working should still be maintained. In the home office, the responsibility of each individual is even greater than in the office, as the person responsible for IT is not within easy reach. Secure passwords with two-factor authentication, locking the work device when leaving the workplace and storing it securely when you finish work are uncomplicated basics that need to be taken into account.
Dangers from internal company users
The use of private devices is also an observable trend, especially in small and medium-sized companies. In most cases, the employer’s primary motivation is to “save” costs for company laptops and smartphones. However, there are a number of risks associated with this, which can be far more expensive for the company. Private devices generally have completely inadequate protection, which means that companies lose control of their data security.
Outdated computers with missing or inadequate security software provide gateways for attacks. Irregular updates of the operating system and installed applications are also major risk factors here. The use of these devices by several people in the household with different levels of security awareness is also extremely worrying from a risk perspective. This is because some users have little knowledge of the dangers posed by phishing, viruses and Trojans on the Internet. Inconsistently maintained and managed systems already pose a certain risk within the company. The danger is all the greater when using private devices.
However, deliberately bypassing the security guidelines set by the company in order to supposedly work more “productively” are also everyday dangers that make security managers sweat. For example, employees send company documents to private email addresses, use passwords in different places or even pass them on to colleagues, use company equipment for private purposes or even try to install their own applications on company devices.
Dangers from cyber criminals
Regular employee training is an essential task in order to develop a general understanding of IT and data security. However, training employees alone is not enough. Companies must also invest more in the security of home workstations in order to be adequately protected.
The current working situation is being exploited by cyber criminals to capitalize on the crisis. Video conferencing, for example, offers points of attack for hackers, as it is fairly easy for unauthorized persons to gain access to certain conferencing services. Once they have gained access, they can forward links via the chat function in order to send malware to the participants’ devices. Furthermore, poorly secured or unsecured Wi-Fi connections pose security risks, as unauthorized persons can easily access devices and spy on information or manipulate data.
Criminals also try to inject malware into the device and the company structure via fake information, false websites or emails. One example of this malware is ransomware. However, ransomware, phishing emails and other types of malware are only part of the numerous threats that companies face.
About us
We are a powerhouse of IT specialists and support customers with digitalization. Our experts optimize modern workplace, DevOps, security, big data management and cloud solutions as well as end user support. We focus on long-term collaboration and promote the personal development of our employees. Together, we are building a future-proof powerhouse and supporting customers on their path to successful digitalization.