Almost two-fifths (39%) of British business decision-makers have sacked employees because they breached corporate security policy during the pandemic, according to new data from Centrify.

The IAM specialist polled 200 UK respondents to find out more about how COVID-19 and mass remote working has impacted corporate cybersecurity.

Over half (58%) of respondents admitted that employees are more likely to try and bypass enterprise security practices when working from home.

That may explain why nearly two-thirds (65%) said they had made major changes to their cybersecurity policy to take account of their newly distributed workforce.

Changes to policy could include updates to remote access and authentication, which 57% of business decision-makers said they are currently trying to implement. Multi-factor authentication (MFA) is regarded as industry best practice in helping to mitigate the risk of phishing and brute force attacks on RDP and corporate user accounts, for example.

A further 55% of respondents told Centrify that they are planning to formally ban staff from using personal devices to work from home.

This could also help to reduce cybersecurity risk as personal IT kit might be less well secured than corporate equivalents, and potentially used by other members of the household who may engage in risky online behaviour.

Centrify VP, Andy Heather, argued that humans continue to be the weakest link in the corporate security chain.

“With more people than ever working from home and left to their own devices, it’s inevitable that some will find security workarounds, such as using personal laptops and not changing passwords, in order to maximize productivity,” he added.

“It’s also possible that the changes in security procedures are not being communicated well to employees, and many are practicing unsafe internet usage without even realizing.”