It’s been a year since the remote migration began, but IT managers are still worried about the security of their dispersed workforce. A recent BlackBerry report found that 35 per cent of organizations are questioning if their IT infrastructure can securely support their remote employees.
The first big issue is still human error. Although companies have ramped up their efforts to increase security awareness, 58 per cent of U.S. respondents and 43 per cent U.K. respondents said that the pandemic has highlighted the skill gaps in security awareness. In many cases, simple tools such as VPNs and basic security know-hows aren’t enough to keep an organization’s data safe.
While U.S. and U.K. respondents noted a need to increase employee training, Canadian companies are more worried about hardware security. Forty-eight per cent of Canadian companies listed insecure home network equipment as their biggest concern. Additionally, 73 per cent of managers in the healthcare sector are concerned about how the rapid migration towards cloud services will affect security.
According to the survey, 41 per cent of Canada’s workforce is now working from home compared to just 19 per cent in the U.S. But due to the population difference, there are more remote workers in the U.S. than in Canada. Once the pandemic ends, 32 per cent of the Canadian workforce will remain fully remote, further increasing the complexity of security structure.
The issue is exacerbated by mixing in personal devices at work. BlackBerry found that on average, one in five employees is using personal computers and smartphones for work. Personal devices have always posed a security risk due to the lack of enterprise-grade protection. But they now pose an even greater threat as they’re no longer behind the confines of a hardened enterprise network.
Unification at the perimeter
With the future workforce moving towards hybrid, IT managers hope that unified endpoint security solutions can keep their organization safe from end to end.
IT managers are also concerned about employee devices spreading malware after they return from lockdown. A majority of respondents said they’re considering quarantining devices and apply appropriate security measures before allowing them to connect to the internal network.
One popular combination seems to be a mix of endpoint protection mobile threat detection (MTD) and endpoint detection and response (EDR) technologies.
Many organizations today already use EDR. The BlackBerry survey revealed that 32 per cent of organizations in North America and U.K. have some form of EDR solution, with 21 per cent planning to implement and 31 per cent evaluating its viability.
MTD trails in adoption but is gaining serious interest in the current security landscape. Currently, 16 per cent of organizations use MTD, but 28 per cent reported that they plan to do so and 31 per cent are already evaluating. The report suggests that MTD will be a critical component in preventing personal mobile devices from compromising an organization’s internal network.
Still, even with these measures in place, a third of organizations responded that they want to protect devices from being compromised in the first place by using a separate endpoint protection solution.
But organizations want more. Over 80 per cent of organizations want EDR technology to support both traditional devices as well as mobile devices. BlackBerry expects that demand to persist in the future as the hybrid/remote workplace continues to thrive.
Given the widening attack surfaces, combined with the increased number of remote devices, organizations want solutions that give them remote access to work devices, including personal ones. Although this would speed up troubleshooting and maintenance, it also puts personal privacy into question.
On the U.S. side, 45 per cent of respondents underpinned faster threat detection as the top benefit. Canadian organizations noted its stronger user authentication and privilege management, with 46 per cent of respondents claiming it as the top feature.
The survey showed that organizations value ease of management even more than cost when selecting an endpoint security technology. The choice makes sense as a complex, poorly streamlined solution would not only impede workflow but also require more attention, which could drive up cost in the long run.