What are the Security Pitfalls that Stem from Remote Work?

The SailPoint Technologies study released in November reflects on the security pitfalls that stem from remote work. It covers how the transition to remote work amid lockdown has opened a cybersecurity pandora’s box with security and compliance gaps surfacing, paving the way for potential data breaches.

Are you using your personal devices for work?

Whilst we can all now better work-from-anywhere the reality shows that we all are wearing more than one hat throughout the day – as a working professional, parent, caregiver, teacher etc. So we’re invariably sharing devices with our spouses, children and other family members daily.

  • 1 in 3 employees stated that they use their computer and smartphone to enable remote work, with 17% using a computer and smartphone owned by their employer.

Targeted phishing emails, calls and texts are on the rise

With every major event or crisis, criminals will look to take advantage of through targeted scams and phishing attacks – one of the largest threats posed to businesses today can be their employees.

  • 48% of total UK respondents said they had experienced targeted phishing emails, calls or texts in a personal or professional capacity during the first six months of remote work.

  • 7% of total UK respondents said they were targeted by one or more every week.

Employers - Is your team unaware of the risks with their work devices or what a phishing email is? Security awareness training helps your employees become more cyber aware and become a confident line of first defence for your company.

Keep those passwords to yourself!

Even during a pandemic, your employees shouldn’t be sharing passwords with team members (or with family at home). This report found that 24% of people shared work passwords with partners, flatmates, friends or someone else. This also reminds us that we should be regularly be changing our passwords (using a password manager will help make life easier tracking this).

🔐 44% of respondents have not changed their password in over six months.

Are you doing enough to protect your staff?

  • 34% of UK businesses promote staff cybersecurity protection through regular password resets.

  • Just 28% of UK businesses had given regular cybersecurity training to staff.

  • Only 18% of UK businesses had introduced staff to more secure access for files and folders.

Too many employers are operating with protocols which are severely lacking in the vital cybersecurity requirements demanded by the way we’re all using technology today. Employers need to enforce more password resets, regular security training, and providing employees with a more secure approach to accessing files and folders when working remotely. It’s a big challenge for employers and it shows a large oversight for who has access, who should have access, and what they are doing with that access.

Employers - Is your team unaware of your security policy? Do you have a security policy? Is it shared with new employees when they join your company? We can help you with a Security Policy Review to ensure your policies are modern and robust to protect your business and your employees.

Download the SailPoint Cybersecurity Pandora’s Box of Remote Work Report.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of Cyber Resilience Centre for Greater Manchester (CRCGM) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. CRCGM provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

CRCGM does not accept any responsibility for any loss which may arise from reliance on information or materials published on this website. CRCGM is not responsible for the content of external internet sites that link to this site or which are linked from it.


Cyber Resilience Centre GM, Manchester Technology Centre, Oxford Rd, Manchester, M1 7ED

0161 706 0940


Registered in England & Wales No.12309263.



  • LinkedIn
  • Twitter
Greater Manchester Logo Light.png

© 2021 - The Cyber Resilience Centre for Greater Manchester