A new Lenovo and Intel commissioned study, “Empower Your Employees with the Right Technology,” conducted by Forrester Consulting, has found that the impact of technology in improving the employee experience (EX), or an employee’s full journey in an organization, is much more than anticipated — highlighting opportunities for organizations’ IT decision makers (ITDMs) in today’s remote and hybrid work environment.

The key insight points out that while companies on average see a 5x return on investment in the EX driven by increased productivity, organizational agility and customer satisfaction, ITDMs and employees disagree on technology priorities. While ITDMs are prioritizing strategic IT integration, software and service needs, employees are more focused on their fundamental daily technology experience.

This suggests that business leaders have room to collaborate more closely with employees on their IT purchase decisions to elevate team engagement, increase customer satisfaction and improve the bottom line.

Bridging the divide between employees and IT decision makers

With organizations now shifting their focus toward remote and hybrid work, ITDMs are upgrading devices, software and services as part of EX initiatives to improve team engagement and satisfaction. Based on the research findings, this has led to more tech spending. IT leaders are reporting a 5x return (USD $1 spent on these programs yields USD $5 of increased staff productivity, organizational agility and customer satisfaction), with many expecting to increase their investment by nearly 25 percent in two years.

Yet employees still report that they’re frustrated with their PC hardware and software experience:

• Fifty (50) percent of respondents say their PC devices are out of date or insufficient (e.g. not fast enough, reliable enough or powerful enough)
• Forty-six (46) percent note their software frequently malfunctions and disrupts their work
• Only 33 percent are extremely satisfied with the current laptop provided by the company
• Only 30 percent said their laptops or desktop work well for cross-collaboration.

Importantly, ITDMs and employees both define employee satisfaction with technology as a crucial goal. Satisfaction with technology also has the greatest observable positive impact: nearly 60 percent of ITDM respondents noted a more than 10-percent increase in EX scores by improving employee satisfaction with technology. It’s evident that IT departments and the technologies they offer are instrumental to driving EX, beyond conventional factors such as human resources, worker benefits and more.

Yet again, there is a clear disconnect between employees and these ITDMs, whose primary concerns are the longevity of their technology investments rather than its impact on team engagement. According to the study, whereas 84 percent of ITDMs believe employees can easily switch to a different PC device if their current one needs to be replaced, only half of employees agree that’s an available solution. Ultimately, both ITDMs and employees agree that refresh cycles can be improved and better aligned. In addition, ITDMs believe the integration of hardware and software will impact EX the most, whereas employees simply want devices that work consistently.

Prioritizing employees to better leverage technology investments

The study outlines a few key recommendations on how business leaders can better improve employee engagement and business outcomes through technology investments.

• Realign investments. While many ITDMs are investing resources into exploring newer, emerging technologies such as 5G, augmented and virtual reality (AR/VR), and artificial intelligence (AI) or machine learning tools, based on worker respondents’ feedback there is an opportunity to focus first on immediate employee priorities—building a strong foundation of collaboration tools and PC devices—while IT departments explore more advanced technology tools in parallel.
• Reorganize priorities. Decision-makers should also focus on improving EX vs only focusing on specific productivity metrics. In fact, according to the study nearly 80 percent of ITDMs plan to focus on improving employee engagement over the next few months.
• Focus on PCs. PCs have become critically important to employees, with 77 percent of full-time employees saying that PC devices are a critical factor in their daily work and collaboration with one another. A renewed focus on PCs can make the greatest impact on the bottom line and customer satisfaction, with most respondents agreeing that PC devices are critical to increasing customer satisfaction (69 percent), revenue growth (62 percent) and employee retention (55 percent).
• Involving employees in PC investment decisions. Overwhelmingly (72 percent) of employees responded that listening to workers or getting clarity on what they need ranks in the top three of what companies should do to improve EX. This feedback is important, as employees understand their work devices’ value in driving business outcomes, based on technology factors such as performance, connectivity, reliability, portability, size/weight, battery life and more. Listening to employee feedback can go a long way towards making the case for better technology options.

“Our new study findings further affirm our belief in the strategic importance of technology as critical investments, and not as simple transaction costs. The right deployment of technologies delivering returns can far exceed the initial expense of new business models and opportunities,” said Christian Teismann,  President, Commercial PC and Smart Devices Business, Lenovo. “Given employees are a company’s greatest asset, the study further maps out opportunities to uplift the return on technology investment by focusing on PC devices and collaboration tools, while better involving employees in purchase decisions. In today’s new remote and hybrid work set-up, these steps are pivotal for companies in yielding opportunities that go far beyond the initial spend on their technology.”

Due to the global pandemic, nearly two-thirds of companies have moved half or more of their employees to telework. Sixty-two percent of employed Americans, for example, say they have worked from home during the crisis, with the number of remote employees doubling between March 13 and April 2 of 2020, and this is not just a temporary change. Nearly a third of all organizations with remote workers expect that half or more will continue working from home after the pandemic. 

The security implications of such a dramatic transition in such a short period of time cannot be overstated. Under normal circumstances, moving an entire workforce from secure IT environments to home networks with very little cybersecurity would take long-term planning and preparation. But that was not an option in 2020. As a result, 32% of respondents to Fortinet’s 2020 Securing Remote Work Survey found that setting up and managing secure connectivity to be the most challenging aspect of switching to telework.  

Part of the problem was that the devices at the company’s core network were not designed to manage the volume of VPN connections required. As a result, many connections were not secure. Or even if they were encrypted, existing firewalls were incapable of inspecting VPN tunnels to ensure they weren’t being used to deliver malware – at least not without significantly slowing down connections. 

But the other part of the challenge is that many home networks were not setup to support the bandwidth requirements of VPN, let alone bandwidth-hungry business applications such as video conferencing. In addition, end user devices (many workers began working from home using a personal device) were often unpatched and unsecured as were other devices connected to the home network. These challenges made home networks an ideal target for cybercriminals. 

Cybercriminals Are Targeting Remote Workers 

And as one might expect, threat researchers saw a significant shift in the behavior of cybercriminals. According to the latest Threat Landscape Report from FortiGuard Labs, global sensors detected that the top attack targets identified in the first half of 2020 switched from targeting corporate devices and applications to things like consumer-grade routers and devices such as DVRs normally attached to home networks.  

There was also a significant increase in attacks targeting end users that used concerns about the coronavirus to lure them into clicking on malicious web links or open attachments infected with ransomware or other malware.

Part of the problem was that the devices at the company’s core network were not designed to manage the volume of VPN connections required. As a result, many connections were not secure.

The FortiGuard Labs team saw an average of about 600 new phishing campaigns per day during the spring. And because home users were no longer protected by corporate security devices, web-based malware became the most common attack vehicle, outranking email as the primary delivery vector used by cybercriminals for the first time in years.  

And because many devices attached to home networks don’t get patched or updated as frequently as corporate devices, the most common exploits detected so far in 2020 have targeted older systems. Nearly two-thirds of attacks targeted vulnerabilities disclosed in 2018, and a quarter targeted vulnerabilities from 2004. 

Seven Recommendations for Remote Workers 

During the last several months, IT teams have been scrambling to close the security gaps in their remote worker strategy. But while 92% of organizations report budget investments to address teleworker security, end users are still the front line of any security strategy – and never more so than now. Here are a few suggestions of what they can do to reduce risks. 

1. Learn to Spot Attacks: Many organizations are sponsoring training programs to help their workers identify suspicious emails, websites, text messages, etc. In addition, there are free programs available online to provide end users with essential security training and information. And make sure everyone at home using the network, from roommates to children, get cybersecurity training as well. 
2. Harden Passwords: Another easy step is to simply make passwords harder to guess, and also use different passwords for different accounts. To manage these passwords, use a secure password management system that can remember passwords. Then all anyone needs to remember is the login information for that one application. 
3. Use Multi-Factor Authentication (MFA): Also known as two-factor authentication, MFA combines something a user knows, such as a password, with something they have, such as a fingerprint or a security token. MFA should especially be used when accessing financial information or logging onto the company network. 
4. Patch Home Devices: Have users look at all of their devices at home and make sure they are running the latest versions of their operating systems. Even gaming and entertainment systems have options that let users check to see if they are running the latest version. 
5. Secure Home Networks: This is probably a good time to consider adding or upgrading a security application to protect the home network and devices from attacks. In addition, many home routers now include gateway security which should also be enabled. Some cable operators and internet service providers also provide free security. Remote workers should make sure that logging onto the home WiFi requires a password. They should consider an email gateway that can detect and filter out malicious email attachment and links. 
6. Improve Device Security: New advanced endpoint security solutions, known as endpoint detection and recovery (EDR), not only provides better threat detection, but also prevents infections that manage to get onto your device from executing their malware. EDR solutions should not only be applied to remote worker devices, but also on other endpoint devices in the home.   
7. Upgrade Internet Connections: Remote workers should consider upgrading their internet service so they can run business-critical applications even when others are streaming movies or playing online games. Companies should consider providing funds to help offset the cost of a bandwidth upgrade. 

Enhance Your Remote Work Security Now 

Cybercriminals will continue to target remote workers, with no signs of letting up. Adding these seven steps to any corporate security strategy is the right way to begin protecting today’s distributed networks that include remote workers. 

Since the pandemic began and the majority of people’s lives was forced online, cybercrime has soared. The Cyber Division of the FBI recently released to incredible statistics on what they are seeing during the pandemic. At one point, the division was getting up to 4,000 complaints of cyberattacks a day. That number is a 400% increase from the number of complaints before the pandemic started.

It is not just a US issue either. The European-based international police organization, Interpol reports that “with organizations and businesses rapidly deploying remote systems and networks to support staff working from home, criminals are also taking advantage of increased security vulnerabilities to steal data, generate profits and cause disruption.”

The global pandemic has forced people to work from home and criminals are taking advantage of this with a growing number of attacks.

These statistics and statements both point to the same thing. Cybercriminals are taking advantage of the fact that people are working from home and using that to their advantage. They are using ransomware, phishing scams, malware, and more to gain access to companies’ systems for profit.  

Who are Cyberattackers Targeting?

The short answer is, ransomware attackers will attack anyone with a computer and an internet connection without thinking twice about it. Big companies, small businesses, nonprofits, municipalities, and even individuals are all seen as potential targets. This is a crime designed to make the criminals money so the more people and organizations they attack, the more chances they have that their ransom will be paid.

That said, there are institutions that these criminals are attacking at a much higher rate and with much more intensity than others. Right now, because of how hectic these organizations are due to the coronavirus and how many people they have – many of whom are working from home – these places are more susceptible to attacks than others. This includes large, multinational companies, the healthcare industry, schools, and local governments.

Recent Attacks

No one can be sure from the outside that all the recent, major cyberattacks are due to working at home. Only when a skilled cybersecurity company like MonsterCloud reviews the attack can the true source of the attack be found. However, the sheer increase in successful attacks paired with the COVID-related stay-at-home orders makes it a good bet that the two things are related.

Here are some tips to deal with (possible) cyberattacks:

Tip #1: Make Sure Systems are Up to Date

Still hitting “Remind Me Tomorrow” on that system update prompt the computer has been reminding about since the pandemic started? If so, it’s way past time to install any updates that are needed.

Tip #2: Make Sure Anti-Virus Software is Up to Date

The tip is to keep anti-virus software up to date, but that is assuming the software is being used. If not, stop reading this right now and go install one. Anti-virus software is the easiest way to protect from hackers. Like in most situations, the criminals will always be ahead of the people trying to stop them but anti-virus software will catch the majority of attacks before they harm the system.

Tip #3: Watch Out for COVID-19 Phishing Scams

When MonsterCloud reviews the ransomware attacks that have happened during the pandemic, the company has found that many have started with pandemic-related phishing emails. These emails are designed to take advantage of people’s curiosity and thirst for knowledge about pandemic-related topics.

Tip #4: Watch the Wireless Internet 

Whether logging onto the internet-based cloud or a company’s in-house servers to access the company’s systems, chances are people are using WiFi to do so. Securing WiFi is of critical importance when working from home. If the home WiFi is not password protected, that is something that needs to be done. If it is, make sure that the password is a strong password and not the default one the router came with. Using something like an address or “password1234” is also not a good idea.  

Conclusion

Cybercrime, especially ransomware is a huge problem right now. The global pandemic has forced people to work from home and criminals are taking advantage of this with a growing number of attacks. By following these few simple tips though, everyone can be better prepared to work from home and have less of a chance of being the cause of a cyberattack on their company.

Unfortunately, even if people follow all these tips and more, cybercriminals are so good at what they do these days, someone may still find themselves the victim of a ransomware attack no matter what they do. If this happens, don’t panic. Don’t pay the ransom. Don’t leave it to an in-house IT department. Call the cybersecurity experts.