Employees working from home during the pandemic are visiting more risky websites than they did while working in the office according to new research from NetMotion.
IT and security teams have had their hands full not only ensuring that employees remain productive while working remotely but also that they keep themselves and corporate data as secure as possible. However, achieving a balance between productivity and security has become increasingly difficult as most organizations do not have adequate visibility or control over what their employees do on corporate devices such as company issued laptops and smartphones.
NetMotion aggregated a sample of anonymized network traffic data gathered between May 30 and June 24 of this year to search for evidence of users attempting to access blocked URLs to reveal that employees clicked on 76,440 links that took them to potentially dangerous websites.
All of these sites were visited on corporate devices while using either home or public Wi-Fi or a cellular network connection. If these employees had been connected to protected internal networks at the office, they would have been prevented from accessing this risky content.
NetMotion’s research found that on average, employees encounter 8.5 risky URLs per day or 59 per week. At the same time though, remote workers also access around 31 malware sites and 10 phishing domains per month which equates to one malware site every day and one phishing domain every three days.
When it came to the most common types of high-risk URL encountered, botnets took the top spot followed by malware sites, spam and adware, phishing sites and finally fraud sites. NetMotion also found that over a quarter of the high risk URL visited by employees were related to botnets.
Security measures as well as training have increased in the workplace and employees connected to corporate networks are generally safe, secure and productive thanks to the several layers of technology such as firewalls which are put in place to protect them. However, while working from home, remote employees lack this same level of security and this exposes them and their organizations to higher levels of risk.
In a press release, EMEA director at NetMotion Software Achi Lewis explained how the shift to remote work has left enterprise organizations more vulnerable to potential cyberattacks, saying:
“As this research highlights, remote workers are frequently accessing risky content that would normally be blocked by firewalls and other security tools that monitor internal network traffic. Naturally, this poses an enormous threat to the enterprise. Added to this, many organizations have no visibility into the activity taking place on external networks, let alone any means to prevent it. With such a rapid shift to remote work, enterprise security teams have been left flat-footed, unable to adequately protect users in the face of increasingly sophisticated cyberattacks.”