A new Visual Objects survey shows one-third of U.S. full-time employees aren’t practicing basic cybersecurity protocols amid COVID-19.

The Visual Objects survey polled 500 full-time U.S. employees. It did so to gain insights into how companies are managing cybersecurity risks during remote work and the pandemic.

Employees said their companies aren’t requiring secure Wi-Fi networks, phishing training, two-factor authentication, VPNs or password managers.

Sydney Wess is content writer and editor at Visual Objects. She wrote the report and analyzed trends.

Visual Object’s Sydney Wess

“Despite the challenges, increased cybersecurity services are needed in the workplace as more breaches and attacks occur,” she said. “One data breach can easily shut down a business forever. They’re costly and often destroy company reputations. Cybersecurity providers have the opportunity to communicate their value in spaces more threatened by remote work vulnerabilities. If MSSPs and cybersecurity providers effectively communicate the necessity of their services during the pandemic, they’re more likely to start new relationships with companies during COVID-19.”

Wi-Fi More Common than Other Cybersecurity Protocols

Some 35% of employees are required to use a secure Wi-Fi network for work activities. This makes secure Wi-Fi requirements more common than all other basic cybersecurity protocols. Those include VPNs (31%), two-factor authentication (31%), phishing training (32%) and more.

Secure Wi-Fi networks are considered a remote work essential by most experts, who weren’t surprised by their popularity. However, cybersecurity professionals felt other risk management practices, such as phishing training, should be more common, especially considering increased email communications during remote work.

“There are plenty of ways cybersecurity providers can help companies on a budget,” Wess said. “For instance, simply switching over to a two-factor authentication system for accounts significantly enhances the security of a network and makes it easier for employees to access accounts. Because platforms such as Google offer two-factor authentication, it can be implemented inexpensively.”

Phishing scams are the leading cause of worldwide cyberattacks.

“Phishing awareness training can also be relatively inexpensive while having a positive impact on security,” Wess said. “Workplace cyberattacks start with a phishing email 80% of the time. A professional training on how to identify and manage phishing emails will go a long way in any workplace.”

Taking Work Computers Home

Employees at two-thirds of companies are contributing to cybersecurity risk management goals by taking home work computers, allowing employees to separate work data from personal files.

Experts believe employees benefit from keeping work data and personal information on separate devices. Personal computers are often on public, unsecured networks. Those are more vulnerable to threats such as man-in-the-middle attacks.

As long as work devices have secure remote access systems and ransomware in place, employees are more likely to keep sensitive company data protected while remote.

“There are plenty of popular, prevalent cybersecurity measures companies are taking to minimize risk during the pandemic,” Wess said. “Taking home secured office laptops and equipment ensures that employees keep work data off their personal computers, which are more often used on public, unsecured networks.”