According to Deloitte, since the pandemic began, the number of spam, phishing, and fraudulent business emails employees receive while working remotely has increased by 25%. Weak home Wi-Fi security, unsecure passwords, and email phishing scams put work-from-home individuals at the most risk.
We often talk about cybersecurity on our blog. Why? Because over the years, it has become a significant cause of financial distress for small businesses. It’s been said that 43% of cyberattacks are aimed at small businesses. These attacks cost an average of $200,000. It’s no wonder 60% of small businesses that are attacked close within six months.
Circling back to how working from home has affected that risk, let’s be honest: Securing data is difficult enough at the worksite. When work heads home, your sensitive business data is at the mercy of individual devices, Wi-Fi, and other factors out of your control. This most often means:
- Home Wi-Fi networks that have weaker security protocols than you have at work, allowing easier access for hackers.
- Unsecure personal passwords or no passwords standing between cybercriminals and your data.
- Usual security measures that are disregarded. For instance, a quarter of employees working from home during the pandemic have felt the urge to print out sensitive data “just in case” the network goes down.
- Personal activity on devices that are also used for work opening your business to phishing, malware, and other threats.
- The absence of state-of-the-art virtual private networks (VPNs) and firewalls that otherwise protect business data when it’s on devices inside the walls of the business.
- The lack of security and software updates, data backups, and other tech maintenance practices that make a big difference.
- The use of apps, virtual tools and other cloud-based programs that may not be as secure as users think.
A year into the pandemic, you may feel confident in allowing at least some hybrid work-from-home arrangements to stick around. But be sure to plan around the data vulnerabilities it causes. You may want to:
- Check out the FCC’s Cybersecurity for Small Businesses tips, including training employees in security principles and using the most secure ways to store and share data virtually.
- Consider the validity of cyber liability insurance. Yes, it exists. If you’re in a susceptible industry—if you store valuable customer information, for instance—it might keep you in business if the worst happens. The U.S. Chamber of Commerce and FICO explain more here.
- Understand the tax consequences and opportunities. Losses due to data breaches can, for the most part, be deducted, but it’s a long and painful journey to get there. Preventative measures are also tax-deductible and a lot less painful to realize. Talk to your CPA about how to categorize the cost of hardware, software, training and other expenses you may need to secure your work-from-home staff.
Feel free to contact us with additional questions about business expenditures related to cybersecurity and how they may be tax deductible.