The majority (84%) of US organizations expect a broader and more permanent remote work adoption after the coronavirus pandemic passes, despite spiked security concerns associated with working from home (WFH), a Pulse Secure report found.
SEE: Security Awareness and Training policy (TechRepublic Premium)
Pulse Secure’s 2020 Remote Work From Home cybersecurity report explored how various companies are responding to accelerated remote work adoption during COVID-19. The report also outlined key challenges, concerns, strategies, and anticipated outcomes with working from home.
The coronavirus pandemic undoubtedly expedited the popularity of remote work. More than half of organizations (63%) said they had up to a quarter of employees working in remote or at-home environments before the crisis, but three-quarters of the same organizations reported that more than 75% of their workforce is now working from home.
A third (33%) of organizations said they were not sufficiently prepared for such a rapid shift from on-premises to remote work. While they may not have felt prepared, the majority of companies (54%) said they successfully expanded capacity to fully support a remote workforce in seven days or less.
SEE: Coronavirus: Critical IT policies and tools every business needs (TechRepublic Premium)
Expanding the workforce wasn’t necessarily the biggest concern, but security was, the report found.
Security perceptions and issues
While 79% of organizations said they believed they had adequate WFH security preparations, 69% of companies said they are still concerned about security risks by users working from home.
The biggest security challenge cited by respondents was user awareness and training (59%). Other major concerns included home/public WiFi network security (56%), use of personal devices/BYOD (43%), sensitive data leaving perimeter (41%), and lack of visibility (33%).
The specific threat vectors organizations are most concerned with included malware (72%), phishing (67%), unauthorized user/privileged access (59%), and unpatched systems/vulnerability exploits (44%), the report found.
Malware and phishing weren’t too surprising as the top fears, since security experts have seen spikes in both malware and phishing attacks since the onset of the coronavirus. Some of the attacks are even COVID-19 themed, disguising malicious links as important virus information.
The applications companies were most concerned about, from a security perspective, included file sharing (68%), web applications (47%), video conferencing (45%), and messaging (35%), the report found.
One practice that many respondents in the report warned against was the use of personal tech for work. Some 65% of respondents said they allow remote employees to access work data from personal, unmanaged devices, but 46% said that practice brings a high security risk.
The top security controls companies said they deployed to secure remote work were anti-virus/malware (77%), firewalls (77%), virtual private network (VPN) (66%), and multi-factor authentication (MFA) (66%), according to the report. The majority of respondents (78%) said they employ the same level of security controls and data management for all roles in the company as they access remotely.
Future of remote work
While cybersecurity risks do exist, many organizations are implementing security measures as new information on threats comes out. Overall, companies see remote work as a good thing, with 38% of organizations saying they’ve seen higher productivity since the start of increased telecommuting.
The overwhelming majority (84%) said they believe WFH is here to stay, and 33% of companies already said they are considering making some positions permanently remote–that used to be on-site–after the pandemic ends.
As security issues evolve, more than half (55%) of businesses said they expect budgets for remote workforce security to increase over the next 12 months.
For more, check out How to safely work from home during the coronavirus outbreak on TechRepublic.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Kubernetes security guide (free PDF) (TechRepublic download)
- Information security policy (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- All the VPN terms you need to know (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)