Another big risk to work-from-home in South Africa

 ·25 Mar 2023

On top of near-permanent load shedding preventing many South Africans from working at home as often as they would like, growing incidents of cybercrime and insecure home networks are now also posing a big risk to work-from-home and hybrid work models.

According to cyber security group, Fortinet, almost two-thirds of companies in South Africa have reported data breaches due to work-from-anywhere (WFA) vulnerabilities.

South Africans are particularly susceptible to this because load shedding often forces WFA workers to more regularly alternate between various networks – fibre to mobile to public Wi-Fi – all of which create new dangers for attackers to intercept business communications or take on an unprotected device.

The group said that work from anywhere is likely here to stay, and the benefits could be great, but it stressed that cyber security needs to be a top priority as a result.

“It’s becoming quite the headache from a cybersecurity perspective,” said Doros Hadjizenonos, the regional director for Southern Africa at the cyber security company Fortinet.

“Only a third of employees in EMEA countries, including South Africa, have returned back to the office full-time. Most companies in this region allow for a mixture of remote work up to four days per week or even permanently,” Fortinet said.

This has driven companies to invest and develop their cybersecurity footprint. 94% of companies surveyed expect an increase in their security budget to accommodate WFA policies.

The group’s recent 2023 WFA Global study reported that South African companies make up a large sum of the 67% of companies in the Europe, Middle East and Africa region that have adopted a mixture of 1-4 remote work days per week or even a full-time remote work policy.

This is compared to other areas, where a return to the office is the general trend.

Hadjizenonos said that due to remote work, cybersecurity risks, including employees using company laptops for personal use, compromised family devices infecting an employee’s work PC, vulnerabilities of home networks and the lateral movement for malware to enter the corporate network, have raised concern.

“Perhaps the most startling finding from the survey is learning that nearly two-thirds (62%) of the companies have experienced a data breach due to their WFA vulnerabilities,” said Hadjizenonos.

The group’s Ransomware Survey Report found that these are the top business concerns for hybrid workers:

  • A lack of cybersecurity training;
  • The limitation of securing employees working off-site;
  • A lack of clarity on how to properly secure against a ransomware attack.

Other concerns include a lack of visibility across the distributed network, growing sophistication of the threat landscape, a lack of zero-trust access (ZTA), and an effective patching protocol, said Hadjizenonos.

South Africa is also unique when it comes to WFA policies, said Fortinet.

“Load shedding prompts WFA employees to be agile and able to move easily between their office, home and public Wi-Fi to stay connected,” said the cybersecurity company.

“They often also have to alternate between fibre and mobile networks. Shifting from one network to another does increase the danger for remote workers since they may need to use insecure and untrusted networks to access mission-critical corporate software,” it added.

Fortinet suggested that companies need to deploy solutions capable of following, enabling and protecting users wherever they are located.

Read: Government fails businesses in South Africa

Show comments
Subscribe to our daily newsletter