The COVID-19 pandemic forced millions of Australians to work from home, but the rapid shift has triggered security concerns as workers use instant messaging and virtual meeting software to share sensitive information.
Nearly one in three (29 per cent) workers have been reprimanded by their bosses for their use of collaboration tools like Zoom and instant-messaging apps, new research from data-management company Veritas Technologies has revealed.
Additionally, 66 per cent of workers admitted to having shared business-critical information over the platforms.
“The global pandemic has changed the way we communicate, with business data now sprawled across different locations as employees use collaboration and video-conferencing tools more than ever before,” Veritas Technologies ANZ managing director Pete Murray told Yahoo Finance.
“Unfortunately, when sharing business-critical data and sensitive personal information over these tools, including Teams, Zoom, Slack and email, employees aren’t thinking about the consequences before hitting send.”
Examples of information that employees had shared:
25% Date-of-birth information
15% Client details
12% Medical information
11% Business plans
11% Salary information
12% COVID-test results
13% Bank details
8% Company credit card details
6% Bank PIN
9% Corporate passwords
Online collaboration tools often don’t offer lasting records, so agreements made can pose legal and compliance issues for companies.
That means discussions around a pay rise, or a job change can be difficult to track down the line.
Similarly, falling for a scam while using company IT equipment and messaging apps poses challenges.
Australians have lost $281 million to scams in 2021 so far, well above the total $176 million lost in 2020.
“Something as simple as clicking on an unsuspecting link can result in a landslide of long-term issues for a business, ranging from financial detriment of ransom demands, to the loss of critical company data or damage to the brand’s reputation,” Murray said.
Businesses need to ensure employees understand how to appropriately use collaboration tools, without sharing sensitive information, he added.
“Cyber criminals … recognise that they can extort more money by hitting businesses with ransomware,” he said.
“It is critical for businesses to monitor their network and keep all their software up to date.”
Veritas suggests employees never respond to suspicious messages via Teams, Zoom, Slack, email or text message from people they don’t know and to avoid clicking attachments in suspicious messages.
If a worker does receive one of these communications, the best move is to directly call the person the message has come from - if they are from the same company - and validate the request.
“As scammers become more strategic, employees must be continually vigilant when it comes to cyber security and company IT equipment,” Murray said.