The need to secure the remote workforce has never been more critical. A year into the pandemic, organizations are still grappling with how to protect their assets. The State of Remote Work Security Report reveals the status of organiations’ efforts to secure the new workforce, key challenges, and unique security threats faced by organizations, technology gaps and preferences, investment priorities, and more.

Key findings include:

• Almost three-quarters of organizations are concerned about the security risks introduced by users working from home; despite these challenges, 86% are likely to continue supporting remote work in the future.

• Key security challenges cited include user awareness and training (57%), home/public WiFi network security (52%), and sensitive data leaving the perimeter (46%).

• The applications that organizations are most concerned with securing include, file sharing (68%), the web (47%), video conferencing (45%), and messaging (35%).

• More than half of organizations see remote work environments having an impact on their compliance posture (70%). GDPR tops the list of compliance mandates (51%).

• Organizations prioritize human-centric visibility into remote employee activity (34%), followed by next-generation anti-virus and endpoint detection and response (23%), improved network analysis and next-gen firewalls (22%), and Zero Trust Network Access (19%).

DRAMATIC INCREASE IN REMOTE WORKFORCE

It is no surprise that in the last year many organizations have made the shift to a remote workforce. One year into the pandemic, 57% of organizations have over 75% of their workforce remote. A year ago, 57% of organizations report that 25% or less were remote.

FUTURE OF REMOTE WORK

Many organizations are seeing the benefits of having a remote workforce. Ninety percent of organizations are likely to continue remote working in the future.

SECURITY RISK CONCERNS

More than three-quarters of organisations are moderately or more concerned about the security risks introduced by users working from home

SECURITY CONCERNS

Network access (69%) tops the list of concerns when it comes to securing remote employees. Bring Your Own Devices (BYOD) and personal devices (60%), applications (56%), and managed devices (51%) are also a concern for a majority of organizations.

RISKY APPS

The applications that organizations are most concerned with securing include file sharing (68%), the web (47%), video conferencing (45%), and messaging (35%). This is not surprising, as these are fundamental business applications that all organizations rely upon for a productive workforce.

REMOTE SECURITY

Security breaches at the endpoints are a source of concern for many organizations as they look for securing their corporate assets. Therefore it is no surprise that organizations are most concerned with exposure to malware or phishing risks (39%) followed by protection of data, especially when accessed by unmanaged endpoints (36%).

NEW SECURITY RISKS

The biggest security concerns due to the shift in the numbers of remote workers include data leaking through endpoints (68%), users connecting with unmanaged devices (59%), and access from outside the perimeter (56%). This is followed by maintaining compliance with regulatory requirements (45%), remote access to core business apps (42%), and loss of visibility of user activity (42%).

KEY SECURITY CHALLENGES

Key security challenges cited include user awareness and training (57%), home/public WiFi network security (52%), and sensitive data leaving the perimeter (46%).

WHAT MAKES REMOTE WORK LESS SECURE

The main reasons that make remote work less secure are: users start to mix personal use and corporate use on their work laptops, increasing the risk of drive-by-downloads (61%), users are more susceptible to phishing attacks at home (50%), the organization no longer has visibility since most remote workers operate outside the corporate network (38%), and users that are furloughed pose an increased risk of data theft (25%).

IMPACT ON COMPLIANCE

Just about three-quarter of organizations see remote work environments having an impact on their compliance posture (70%). GDPR tops the list of compliance mandates (51%).

SECURITY CONTROLS IN PLACE

When we asked organizations about security controls, most are using a variety of security controls to protect remote work scenarios. A majority of respondents (80%) use anti-virus/antimalware, firewalls (72%) and virtual private networks (70%) to propery secure remote workfrom-home. Those to follow directly are multi-factor authentication (61%), endpoint detection and response (56%), and anti-phishing (54%), among others.

CYBER TECHNOLOGY PRIORITIES

In order to better protect against new threats, organizations prioritize human-centric visibility into remote employee activity (34%), followed by next-generation anti-virus and endpoint detection and response (23%), improved network analysis and next-gen firewalls (22%), and zero trust network access (19%).

Thank you to our partners, Nucleus Cyber for this key data.

Nucleus Cyber, an archTIS Limited company (ASX:AR9), is a provider of advanced information protection solutions that prevent data loss and protect against insider threats. The company’s NC Protect solution leverages existing technology investments to provide a simpler, faster and cheaper solution to tailor information protection for file sharing, messaging and chat across collaboration tools. For midsize to large enterprises and regulated industries it protects business-critical content in cloud collaboration tools Microsoft Office 365—SharePoint, Teams, OneDrive, Exchange and Yammer, plus Dropbox, Nutanix Files and Windows file shares.