Most of what we read about cybersecurity concerns network security, an essential element of data protection. The network is more or less the pipe through which your information passes. And a cyberattacker can steal everything in it using malware or some other attack vector. It’s a very big deal.
But it’s not all there is to cybersecurity. The devices you and your employees use daily are targets for attacks, too. Malware and other data-stealing applications have to get into your network somehow. A widely accepted number among experts is that 90% of successful attacks start at “endpoint” devices. This includes the laptops your staffers use in the office, at home and on the road.
Of course, if your network is secure, it shouldn’t matter whether something sneaks in through a device, right? Your security setup will intercept the malware before it can do any real damage, won’t it?
Well…probably. But one of the basic tenets of cybersecurity is defense in depth, the idea that security measures should overlap for maximum protection. Network security and device security are both essential elements of defense in depth.
Remote work isn’t the new normal; it’s just normal
When most people think of devices, they probably picture smartphones or tablets. Both are indeed devices that employees often use for work as well as personal tasks. But perhaps the most dangerous mobile device is the one workers use by far the most often: the laptop. It might not have the flash of a pocket-size 21st-century invention, but the fact is that the humble laptop is still the go-to device for most knowledge workers.
And a lot of workers don’t protect their laptops very well at all. Remote work is part of the problem—and it’s an issue that’s here to stay. Despite some heavily publicized return-to-office initiatives, most workers who can work remotely do, at least some of the time. Recent polls indicate that about half of all remote-capable workers work in a hybrid model, spending a couple of days per week in the office and the other days elsewhere, usually at home. Almost 30% of remote-capable workers never go into the office at all. Only 20% work on-site full-time.
That’s not likely to change. Simply put, people like working at home at least part of the time. Polls indicate that companies that try to bring workers back into the office full-time are at risk of losing them; almost 30% of hybrid workers and more than 60% of exclusively remote workers said they would look for another job if their employers tried to bring them back into the office with no remote work option. In a tight labor market for accounting firms and small businesses, alienating current and potential employees is simply not an option.
Laptops used outside the office need device security
Unfortunately, remote work increases the threat of a cyberattack. One Verizon report shows that in the last three years, 62% of companies have experienced a data breach that was at least partially attributable to remote work. There are many reasons why remote work increases the chance that a business will fall victim to a cyberattack. A few of the more prominent ones demonstrate why device security that covers laptops is so important.
For one thing, remote work of any kind almost always involves working at home, and employees often don’t pay a lot of attention to their home security setups. The Verizon report offers two particularly staggering statistics: 71% of users don’t change the default password on their home Wi-Fi, and 28% don’t password-protect their home Wi-Fi at all. The first thing a cyberattack victim must do is change the password on the targeted application or account. Malware could be running on a home network under the default password undetected. And not using a password at all is just asking for trouble.
If malware enters a device via an unprotected or under-protected home network, it’ll almost assuredly deploy on your business’s network next time a user logs in on the infected device. If you’re running applications and storing data in the cloud with a trusted partner, you’ll still be protected, but it’s far safer to practice defense in depth and keep devices clean. And if you don’t have a security partner, your network is wide open to attack.
Working at home isn’t the only scenario in which devices are vulnerable. Airports, coffee shops and other public places frequently offer public Wi-Fi, but the networks are almost never secure. If they are, they’re probably not adequately protected. The Verizon report notes that 90% of remote workers access company resources from somewhere other than home—five different locations, on average. If employees fail to use a virtual private network (VPN) to log in, they’re inviting malware onto their devices and, ultimately, onto your network.
Device security fills the gaps in employee reliability
The fact is that stressed and tired employees don’t always take the time to practice good cyber hygiene. But just one rogue click or login could pose a major threat to your data and your business. Even client sites aren’t immune. Clients or customers could have undetected malware running on their networks that could make it into one of your employee’s laptops and ultimately onto your network. It’s hard to think about cybersecurity during an intense meeting or while logging in to fetch a critical document at the airport.
That’s why device security is so important. It provides defense in depth with network security, but it also makes up for the inevitable lapses in good cybersecurity behavior by employees. If you park your car in a secure garage, you still lock the door, even if it’s unlikely a thief will steal your vehicle. Extreme caution is always necessary with cybersecurity. So, while network security is critical, device security is equally as important.
Fortunately, a trusted cloud partner can provide both. Running applications and storing data in the cloud protects your information no matter where or how you access it. Device security adds an extra layer of reassurance. A cloud partner can even train your employees to practice good cyber hygiene and eliminate vulnerabilities when working in the office or elsewhere. And when you can protect devices anywhere, you can hire employees who are based anywhere. Network and device security enables your firm or business to search nationwide for talent at a time when good employees are hard to find and keep.
Rightworks is your cloud security partner
Rightworks OneSpace is the cloud service you need to keep your firm or business safe. OneSpace offers the network protection you need to operate safely from anywhere.
With OneSpace, you and your clients can trust Rightworks to:
- Update security technology without having any impact on your daily business activity.
- Back up and protect your data for maximum availability under any circumstances.
- Protect your data in enterprise-class facilities and provide 24/7/365 support.
- Offer comprehensive and customized services to accounting firms that choose to outsource IT.
Rightworks also offers managed security services that provide an extra layer of device security. With Rightworks, you can let experts handle security for you while you run your firm or business—from anywhere and at any time. You’ll enjoy complete protection in any model of work you and your employees choose.
You need to secure your data and devices now. Get started today.