COVID-19 has changed the way that we work. Since the crisis began, employees all over the world have transitioned to a remote work environment and, as a result, work habits and collaboration with colleagues have changed drastically. Because of the unprecedented impact COVID-19 has had on the workforce, we thought it was a great time to launch a global survey to see exactly how habits have changed since shelter-in-place.
OneLogin surveyed several thousand adults who have now transitioned to work from home due to COVID-19 to determine just how much work habits have changed. Like, how often are people changing their WiFi passwords now that they have to access corporate data from their homes? Are folks using work computers for casual browsing and media streaming?
So it seems there is good news and bad news.
The bad news is that out of 4,000 responses from the US, UK, France, and Germany nearly one-quarter of them, 976 out of 4,000, had never changed their password. The default passwords of most WiFi routers out in the market are well known. If you never change the password, those with bad intentions can connect to your WiFi, steal data, and infect your system with viruses. This obviously poses a significant risk to businesses asking their employees to access corporate data from home.
The good news is that nearly half of the respondents, 1,902 out of 4,000, had changed their password in the last six months. Periodically changing your WiFi password is a good security practice. As mentioned previously, many default WiFi passwords are already known, plus, if you are like most people, you may have even shared your WiFi password out to a neighbor or two. Your neighbor might not intentionally be trying to attack your network, but their actions could open your network to a breach.
How can you ensure your employees are connecting through a secure connection?
One of the simplest actions you can take to ensure your employees are connecting to your corporate data securely, is to require that your users connect to a Virtual Private Network (VPN) in order to access company resources and applications. A VPN can ensure that at least the network traffic that is related to company work is secure and cannot be captured by any bad actors that have infiltrated a home network. Identity and Access Management (IAM) systems, like OneLogin, can enforce policies that require users go through a VPN to access all their applications or just perhaps a few that you are most concerned with. OneLogin can also provide a RADIUS endpoint that can be configured to work with your VPN solution. As a result, your users can log into the VPN using the same credentials they use to log into OneLogin and you can enforce multi-factor authentication when they log into the VPN.
We know that transitioning your workforce to work from home has been a struggle for many. While we know that just enabling remote work was top priority at the beginning of shelter-in-place, you need to make sure that your data and resources are secure. Keep in mind that you can’t control your users’ home networks the way you can secure your office networks. As we found in the survey, even though many are conscious of securing their home networks and performing basic tasks like changing passwords periodically, nearly 25% of people surveyed have never changed their WiFi passwords and are vulnerable. Now is the time, if you have not done so already, to at least ensure that the network connection to your company’s data and applications is secure with a VPN. You can see an example of how this can be done in a recent blog post about how one of our partners was able to transition a customer and their workforce to work from home and how easy it was with the help of OneLogin.