Remote work has become engrained into the fabric of how businesses operate today. And a lot of businesses have realized that the new operating environment doesn’t hamper worker productivity nearly as much as they initially feared. So much so that the list of companies allowing permanent remote status continues to grow almost daily. Understandably, the wealth of readily available remote access technology, seamless connectivity and even digital AR/VR tools are playing an instrumental role in enabling this ongoing shift.
Although embracing remote capabilities provides significant benefits, the grass isn’t all green, according to a recent report by Bitglass. The report analyzes how organizations have adjusted to support remote workers amidst the COVID-19 pandemic. Bitglass partnered with a leading cybersecurity community and surveyed IT professionals to understand how prepared their businesses were for the sudden shift, what actions they are taking in cybersecurity, and what their top security concerns are now.
According to research results:
- Malware is the most concerning threat vector, with 72% of respondents citing it as their top concern.
- From a remote work perspective, the application types that organizations are most concerned about securing include file sharing (68%), web applications (47%) and video conferencing (45%).
- At 77%, anti-malware is the most-used tool to secure remote work. However, this and other tools like single sign-on (45%), data loss prevention (18%), and user and entity behavior analytics (11%) are still not deployed widely enough.
- 63% of respondents said that remote work was likely to impact their compliance with regulatory mandates; 50% named GDPR, specifically.
- 84% of organizations will continue to support work from home, but 41% of organizations have NOT expanded secure access for remote workers.
Likewise, data protection and managed services provider Digital Guardian published a report created by aggregating anonymized telemetry from January 1, 2020 through April 15, 2020, via 194 global companies from some of the most data intensive industries. Notably, manufacturing organizations comprised more than 20% of the data set.
Chief takeaways include:
- 122% increase in employees copying company data to USB drives. 74% of that data was classified.
- 79% increase in data egress via all means (email, cloud, USB, etc.). More than 50% of observed data egress was classified data.
- 62% increase in malicious activity. This has led to a 54% increase in incident response investigations.
Managing the Road Ahead
Anurag Kahol, CTO and co-founder Bitglass, tells IndustryWeek, that despite 84% of organizations reporting that they are likely to continue supporting remote work even after stay at home orders expire study results show that organizations are not equipped to do so securely.
“To continue to support remote work in a safe fashion, organizations need to turn to comprehensive security solutions that provide granular security policies that protect data anywhere and in real-time. Simultaneously, these security solutions must be built upon architectures that ensure rapid deployments, minimal maintenance, high performance, and a seamless user experience that helps employees to remain productive and nimble,” he says. “A few specific examples would include identity and access management tools like single sign-on (SSO) and multi-factor authentication, cloud data loss prevention (DLP), zero trust network access (ZTNA), and cloud access security brokers (CASBs) that provide agentless deployment options (which work well for securing personal and remote devices). With these kinds of solutions in place, organizations can be confident that their remote workforces are operating securely.”
According to Digital Guardian Vice President of Cybersecurity Tim Bandos, security teams at manufacturing facilities should be focused on reducing the level of access to sensitive information that commonly resides on file shares and other data repositories. “We’ve seen a significant increase in employees syncing this data locally now that they are working from home. It’s critical to continue security awareness training and re-enforce company policies related to the proper handling of sensitive business information,” says Bandos. “Additionally, those in charge of protecting critical assets need to be more vigilant with analyzing system-generated logs to seek out any potential anomalous behavior and respond accordingly.”