For a decade, companies have discussed the theoretical merits and issues. For some companies, work-from-home was a periodic luxury, for others a way...
For a decade, companies have discussed the theoretical merits and issues. For some companies, work-from-home was a periodic luxury, for others a way of doing business. While there will need to be plenty of further discussions on the nature to company culture and identity in a hybrid work environment, it seems safe to conclude that it’s going to remain the norm moving forward.
With so many people now entrenched in the new “work-from-home” culture, there will inevitably be a group of people that want to remain, even after offices reopen.
A survey done by Global Workplace Analytics, a research-based consulting firm focused on preparing employers for a hybrid work environment, found that 88% of employees are working completely remote.
Even though many companies had already starting their transition to support this norm with “cloud-first” or even “remote first” decision making, these transformations take time due to the size and scope. With the massive scale of the 2020 office exodus, even those who had these transformations under way were left scrambling. In a recent Cisco report, a little over half of companies surveyed confessed to feeling only “somewhat prepared” for the shift they went through in the last year.
Of the companies surveyed by Cisco, 85% reported that cyber security is a renewed area of focus, saying that it was “extremely important” or “more important than it was before the pandemic.” While it is easy for people to log in from home rather than work, the technology, capacity, and plan to secure everything is not an overnight reality. The perimeter expanded in a way that it hasn’t before.
Work that happened primarily on managed endpoints is now happening on unmanaged ones. New applications have been deployed quickly, possibly without the typical time it takes to assess potential new blind spots. When these things happen, the attack surface available for exploit increases and the risk of breach, compliance violations, or other issues that might impact company reputation goes up.
The sudden re-distribution of the workforce in 2020 HAS caused a spike in malicious activity – with big, medium and small companies reporting jump of 25% or more in cyber threats or alerts since March.
If you’re like most companies, you’ve had to make some fast changes to ensure business resiliency.
Whether it’s been deploying new security, rolling out collaboration tools, leveraging the cloud more, and/or any of the above, the changes made have been timely and necessary.
The purpose of this eBook is to talk through what’s next. It’s one thing to patch the leak, it’s another to build a strategy to support and thrive in our new hybrid work paradigm. The sudden remote work reality of 2020 is driving long-term changes in cybersecurity changes and presents every organization with a timely inflection point. This is a unique opportunity to jumpstart business and security strategies to truly support the digital-first world that we find ourselves in now. The time is right now. Business leaders are focused on making remote workers as successful as possible and this means they are open to new ideas and thinking about distributing company resources in new ways.
66% of business, regardless of size, are planning to increase their investments in cybersecurity over the next 2 years
Hybrid’s been around, but this is a new normal.
Supporting both remote work and a central campus has been a common trend in most industries but the distribution of individuals within that paradigm has always been skewed towards office work. 2020 showed a remote work paradigm was viable to BOTH employers AND employees.
The offices might open back up, but the distribution of workers is unlikely to return to the old paradigm.
It’s imperative that security teams have a strategy to support this.
We recommend addressing the following four critical challenge areas in your strategy to secure remote workers – 1) unsecure connections, 2) compromised credentials, 3) limited or no visibility or control from the internet to the endpoint itself, and 4) resource/time shortages.
In our digital-first world, the ability to verify the identity of every user regardless of location is paramount.
After verification, it’s imperative to make sure the connection is secure, no matter the device.
Third, your new strategy to securing remote work moving forward also needs to include the ability to do prevention and response against threats from the cloud edge and at the device level.
Lastly, as with any time of change, use it to your advantage and look for ways to increase automation, free up resources and focus your security teams. The shift we’re in is a dramatic one and trying to accommodate two or more work realities rather than just one is sure to bring additional burden unless done in a manner that scales with efficiency, rather than effort.
After analyzing the responses to our remote work study, five tactical steps emerged that are easy for any business to act on and increase their security profile in this new hybrid work environment.