Cybersecurity & Fraud Concerns with Remote Workers in the Wake of COVID-19

April 9, 2020 | Article

As the coronavirus pandemic impacts the way we do business, many organizations are making plans to address the safety and security of both their employees and their customers. One of these methods is through remote working arrangements.

Fraud Challenges with Remote Work Setup

Does your office look like a ghost town with staff working remotely?

Have you changed the way you handle your accounting and financial processes?

Do you have concerns your internal controls may be weakened with the new environment?

If you answered “yes” to any of the above questions, you are not alone. These are common issues organizations are encountering with the new work environment and limited resources/segregation of duties.

Many organizations have closed their offices and employees are working out of their homes. This new work environment creates challenges with internal controls due to limited employee interaction, new processes implemented, and resources available outside of the office.

Some common fraud challenges organizations are now encountering include:

  • Reconciliations are not being performed due to the availability of records.
  • An urgency to complete a task, i.e. providing a benefit check to a recipient, takes precedent over following the process and adhering to the internal controls.
  • Payroll timesheets, especially for hourly workers, are being approved with very little review of work performed.
  • Inventory management and counts are not being performed due to limited staff/oversight of this area.

There are fraud prevention and detection measures your organization can implement to help improve your internal controls.

We have developed a checklist your organization can review that covers key accounting and financial processes susceptible to fraud. After performing the checklist, if you identify any questionable transactions or concerned with any process, this will help you prioritize what areas to examine further.

We’ve developed a checklist to help identify potential areas susceptible to fraud.

Forensic accountants can assist your organization with any fraud prevention or detection measure. They can perform these tasks remotely, utilizing specialized software and data analytics tools.

Have concerns about potential fraud in your organization?

Cybersecurity Challenges with Remote Working Situations

Essential to remote working arrangements is the security and protection of your data during this transition. Enabling employees to work remotely can expose your organization and data to new cybersecurity risks. In a recent study, it was reported that more than one in three organizations (36%) have dealt with a security incident due to an unsecured remote worker. The right security solutions and training can help to proactively defend against these threats.

There’s much to consider when it comes to a remote workforce. This video outlines key remote workforce considerations.

Security Risks to Consider with Remote Working Arrangements:
Four of the biggest security risks to consider when moving users to work remotely include:

  1. Ensuring secure connectivity and data transfer. The “office” may be remote, but data still needs to be protected. Security is not the default for most technologies. Organizations should take the initiative to implement tools and solutions that will facilitate the security of data for remote workers. These solutions should be tailored to your organization’s needs and operations.
  2. Training and educating your workforce on how to be secure when working offsite. Each remote worker has a role to play in securing your organization’s data. Remote workers need to understand the steps they should take to protect their home network. Helping employees understand risks and suspicious behavior will help both of you succeed.
  3. Verifying the identities of remote workers when they connect to your systems. It’s essential to add additional controls for authentication with remote workers. Take the initiative to implement solutions that will provide multiple factors or methods for authenticating users.
  4. Providing technical support to remote workers. Where will you guide your staff when they have an issue at home? What if they have trouble logging into an application, if their keyboard stops working or if they can’t connect to their own home WiFi? Ensure you have a plan for communicating and getting them the help they need to increase productivity.

Your business security is a key concern in the wake of COVID-19.

Items to Consider When Safeguarding Against Cyber Threats
You might also consider asking yourself the following questions to ensure you’ve safeguarded against potential cyber threats:

  • What are the key applications my staff will need to access remotely? Focusing on what is needed and how to secure those connections with remote workers will help to ensure valuable time isn’t spent trying to provide or secure a solution that won’t be used. Align your risk mitigation to the systems and solutions employees will be using.
  • Which of our employees needs remote access and how can we limit their permissions to only those systems and data necessary to perform their responsibilities? System access and permission should be based on roles and job responsibilities. Having remote workers compounds this necessity and reduces the risk and exposure if an account is compromised.
  • Are my employees using their own or company issued computers? How you secure each type of device is different. In addition, while it may be more costly up front to provide company computers/laptops, it may be more economical in the long run and it provides greater protection which can be invaluable.
  • What can remote workers do with my data? Are they able to copy sensitive or proprietary data to an unsecure location like their personal computer or Dropbox account? Providing workable solutions for employees will help ensure data resides in approved, secure locations.
  • What solutions have we put in place to secure email from malicious actors? Scammers are taking advantage of these times to target users with phishing emails and fraudulent activities; email is any easy target.

Keep Cybersecurity Top of Mind When Working Remote
With today's business climate, peace of mind and the right solutions can help establish calm during tumultuous times, like the coronavirus pandemic. It’s important to have a critical conversation and ensure the right systems and procedures are in place to protect your organization with remote workers. 

Ensure you have the proper safety measures in place for remote working arrangements.

Stay current on your favorite topics

SUBSCRIBE

Learn More

See what more we can bring to organizations just like yours.

Higher Education

Take a deeper dive into this Insight’s subject matter.

Cybersecurity Fraud & Forensic Advisory