Procurement · 7 July 2017

Why home-working employees could be opening the back door to cyber criminals

Almost nine in ten employees had undertaken a risky activity at home that could threaten company networks
Almost nine in ten employees had undertaken a risky activity at home that could threaten company networks

Flexible working arrangements could be leaving small UK companies exposed to cyber criminals, as new research reveals many staff are failing to undertake basic security measures at home.

In a study of over 2,000 British workers, T-Systems, the cyber security arm of telecoms firms Deutsche Telekom, discovered a worrying number of common cyber security failures among home-workers that could create a direct route for online hackers into their employer’s IT networks.

As flexible working patterns become increasingly adopted by UK companies, the research confirmed viruses, ransomware and other malware were at “epidemic proportions”. Almost a third of UK households had reported malware or stolen passwords in the last 12 months.

In particular, the growing interconnectivity of work and personal information via smartphones was found to have exacerbated the potential for threats.

A third of all employees used their personal devices to access work emails and documents, yet just 12 per cent were undertaking good cyber security practices to protect against threats. The same number used identical passwords for all work and personal accounts.

Meanwhile, some 88 per cent were found to have recently undertaken at least one “risky” activity.

Commenting on the findings, Scott Cairns, head of UK cyber security at T-Systems, cited recent attacks on the NHS and Houses of Parliament as rightly raising the profile of online threats.

“Our research highlights the potential danger for organisations of all sizes can begin much closer to home,” he said.

“This originates through a combination of poor home cyber-security, the continued growth in the range and interconnection of smart devices, and the widespread practice of using personal devices for work one minute, and then personal use the next.”

Device sharing within homes has also exposed business networks to cyber criminals. An average seven smart phones and computers were found in the typical household, and a third owned Wi-Fi enabled devices such as Amazon Echo.

“Once one device at home picks up malware, it can easily spread to others on the network,” Cairns warned.

“Employees emailing work documents to and from home devices opens the door for malware to be spread throughout the organisation.

“This is particularly alarming for businesses, as our research found nearly a third of all employees have suffered problems at home from malware in the past 12 months. This can be on the very devices employees are regularly using for creation of work documents and email.”

Protecting your business from cyber criminals

To help owners of small firms adequately protect their company, T-Systems outlined a number of measures to bolster cyber security.

  • Deliver effective and compulsory cyber security training for employees, particularly on home-working best practice
  • Regularly review cyber education through Q&As
  • Outline a clear and realistic policy for employees working from home
  • Make it easy for employees to seek help or advice should they believe they have suffered a cyber attack

Five cyber security measures to protect your business from an NHS-style attack

Sign up to our newsletter to get the latest from Business Advice.



Praseeda Nair is the editorial director of Business Advice, and its sister publication for growing businesses, Real Business. She's an impassioned advocate for women in leadership, and likes to profile business owners, advisors and experts in the field of entrepreneurship and management.

On the up