What is this report?
The State of Hybrid Security for the Workforce 2021 Report looks at how organizations view the challenges and opportunities of hybrid employment as the need for a long-term plan to enable safe hybrid work becomes paramount. The independent third-party research firm ONR interviewed 3,000 corporate IT professionals from around the world. The study involved C-level executives and practitioners.
Why is it important now?
With the onset of the pandemic, remote work moved from being an optional alternative to convenience to a new standard, as it was often the only way many organizations were able to continue functional operations.
At this point in the pandemic, it has already passed the retrograde phase of the race to give employees access to enable remote work. Organizations are now grappling with the new normal, where employees expect to be able to work remotely, as well as in the office, in a blended approach.
Chasing down restrictions on temporary measures to enable remote work no longer makes sense. With the reality of the new normal kicking in, it’s time to take stock of what works, what doesn’t, and what’s next here.
Now is the time to calculate to identify the loopholes and figure out a strategy for what’s next. Securing hybrid employment is a very real thing that organizations and business leaders must confront if they are to attract and retain talent.
- The majority of organizations faced challenges in enabling secure access to remote work. The report found that 61% of organizations struggled to properly enable security to work from home at the start of the pandemic.
- Almost half (48%) of organizations admitted that they were at risk in terms of risk mitigation and security controls in order to enable remote access for employees. To make matters worse, 35% of organizations indicated that their employees deliberately disrupted remote access security measures.
- On a positive note, 71% of organizations report that employee satisfaction has increased since switching to remote work, which is a good thing because only 15% expect to return to traditional, informal processes. The report also found that 44% of organizations expect to keep more than half of employees away, and the majority expect to support a hybrid environment.
- Looking ahead, the majority of organizations (71%) responded that the expectation is that security will be handled predominantly in the cloud over the next 24 months as the move continues to secure a mixed workforce.
Our advice to leaders:
Make hybrid business insurance a strategic opportunity
Look beyond a traditional VPN
In the past, enabling remote access simply meant saving VPN resources. Today, with hybrid work as the norm and applications on premises and increasingly in the cloud, a traditional VPN approach is not enough.
During the pandemic, legacy applications located in data centers are starting to fail. Users would try to access their usual apps via VPNs, and many of these apps were latency sensitive and, therefore, meant to be accessed locally or over a low latency connection. Backhaul VPN structures have been a poor match for the workforce trying to do their jobs from home.
Cloud and Software as a Service (SaaS) applications have also been affected as VPN users’ traffic is moved to the data center, only to be routed back to the Internet. This led to the painful challenge of remote users turning off the VPN so that they could improve the performance of accessing cloud and SaaS resources. As a result, many users were directly accessing SaaS services without any enhanced security at all. This has created a vision gap and gaps in the security postures of organizations. Simply put, companies can’t secure what you don’t see.
For these reasons, organizations need to look beyond the old VPN approach to a more modern and flexible access approach that provides security and visibility no matter where the traffic is, whether to the data center, to the cloud, SaaS, or the web.
Use the cloud to secure hybrid work
The report clearly showed that organizations are increasingly planning to take advantage of the cloud to secure remote and hybrid work. The cloud helps organizations provide availability and flexibility in an approach that scales as needed.
Cloud-delivered security is a very parallel mindset to cloud adoption for IT business applications, where there is limited capacity on premises. While the cloud can be more cost-effective, the biggest advantage often has to do with flexibility, giving organizations the ability to scale on demand as situations and usage patterns change.
Secure your work environment at home with zero confidence
More often than not, working from anywhere means mixing home access with corporate access, which can pose a security risk to the organization. Today, it is extremely important to be able to ensure that home workers are as safe as they were at the time.
This means having the right approach to security for access, no matter where the user is. The Zero Trust approach ensures that only identity-based access is granted to applications, and security is constantly monitored and evaluated. Policies based on a Zero Trust strategy can help reduce risks in the home environment, providing a layer of inspection and control every time a device attempts to access a corporate resource.
standardization and rationalization
It’s time for IT leaders to head over to their teams and gain a clear understanding of what they already have. Although the initial response to the pandemic was a reaction, now is a moment to take stock of the enterprise application, security landscape, and what provides access to users no matter where they are, whether they are at home, in a branch, or anywhere in between.
Rationalizing the purpose and use of solutions that exist today presents a real opportunity for standardization – something that was not seriously present before. Many organizations will be able to achieve better results around security posture, reduce risk and improve total cost of ownership.
Standardizing the number of disparate tools used to provide secure user access improves the consistency of the security situation and reduces the number of policies that must be managed. Besides reducing management efforts and multi-product training required, the platform approach leads to improved economies of scale, resulting in lower total cost of ownership. Net-net, the integration provides a more efficient approach to security.
Refocus on the digital agenda
Savings from consolidation can and should be reinvested in digital transformation – especially those projects that were put on hold in order to respond to the urgent need to send workers home at the start of the pandemic. Instead of providing overlapping and redundant resources for remote work, IT resources can be reinjected into digital initiatives that help move business forward. Improved resources can be leveraged for initiatives such as moving applications from on-premises deployment and restructuring them to be modern cloud-native applications.
what Hybrid Workforce Security State 2021 The report clearly shows that many organizations faced challenges in securing remote workforce. Simply put, there are too many organizations in the same boat.
Now is the time to solve the challenges and embrace hybrid work in the right way so that employees can work effectively. By leveraging cloud-based security technology that enables a Zero Trust approach that can help secure all application and home user traffic, organizations will be able to focus on what matters – pushing their digital agendas forward.
Read the full Hybrid Workforce Security Status Report here.