Businesses all over the globe have moved to a remote work or hybrid model, and with this change came new cybersecurity threats. Prior to the COVID-19 pandemic, cloud-based applications for data storage, communication and collaboration were seen as unsafe from a business standpoint. However, with the pandemic they became necessary to keep businesses functioning as people were forced to stay home. It was estimated that 30% of businesses allowed remote work or a hybrid work model prior to the pandemic, but this statistic has since jumped to over 70%. While we have proven that cloud-based tools are safe and effective, there are cybersecurity threats to consider as we continue to evolve into these new work models. According to Netskope, 67% of malware is cloud-delivered malware. This doesn’t mean that you should shy away from using the cloud, it just means that education and preventative measures are important to keep your business safe.
Personal Cloud vs Company Cloud Use
Most people have been using the cloud for personal use for a decade (think Google Drive or iCloud). It makes storing images, documents, and email simple for end users and enables easy sharing with friends or family. It would be difficult to find a person who doesn’t use the cloud in one way or another. As businesses started using these same applications, employees began mixing their personal accounts with business accounts which is where cybersecurity threats can come in. A statistical example of this being that 97% of Google Workspace users have authorized at least one 3rd party app access to their corporate google account.
As the lines between controlled business accounts and personal accounts become more blurred, it becomes more difficult to prevent or locate cyber threats. Educating your employees on proper use of cloud applications is an important first step in prevention. The “bad guys” rely on uneducated employees who trust links, forms, and emails without properly analyzing the source. Hackers have become well versed in creating campaigns that look almost identical to authentic workplace correspondence. These campaigns can be anything from an email inviting you to link your email or collaboration tool account to another, to corporate surveys where you are asked to provide contact information or personal details about yourself.
Employees may also be uploading work related documents into their personal cloud simply because they are the most comfortable with that platform. However, personal accounts are often linked to social media, video games, or other accounts with no required frequency for password changes. This means that if their social media account is hacked, it is possible for the hacker to access other linked accounts.
Educating your employees on keeping their personal accounts separate from work accounts is a great way to mitigate this potential risk. It is important to educate your employees on how to create secure passwords, avoid email phishing scams, and safely store data of all kinds in the cloud.
If you have any questions about cybersecurity, reach out to us at 763-475-5500 or email ContactUs@Matrix-NDI.com