Despite the downsides of replacing on-premise work with remote work, 84% of companies anticipate a consistent expansion of remote work practices, according to a 2020 Remote Work-From-Home Cybersecurity Report published earlier this week.
More than 400 IT professionals and security leaders from various industries such as financial services, healthcare, manufacturing, high-tech, government and education were polled in the survey, providing insights on how their enterprise has transitioned, and on their security challenges, concerns and predictable outcomes.
As COVID-19 was officially declared a pandemic, business leaders from across the globe were forced to implement overnight changes to their infrastructure, letting most employees work from home in an effort to halt the spread of the disease.
While 33% of organizations reported they were not adequately prepared for such a rapid shift to a WFH environment, 54% said they successfully expanded their capacity to fully support the increased workforce in a week or less. Additionally, 38% of businesses experienced productivity gains and other benefits, and 33% are considering making some of their job positions permanently remote, even after the health crisis ends.
Although 79% of organizations said that they had sufficient security preparations for remote work, 69% show serious concern over security risks introduced by workers.
When asked what security controls IT professionals deploy to secure the new home-office environments, the top-ranked security controls were anti-virus/ anti-malware solutions (77%), firewalls (77%), virtual private networks (66%), and multi-factor authentication (66%).
In terms of security challenges, 59% of organizations consider user awareness and trainings their number one issue. Insecure home/public WiFi networks (56%) and use of unsecure personal devices (43%) that could lead to data leakage were also listed as big security challenges.
As much as 78% of the respondents state that “they enforce the same level of security controls for all roles that access remotely.” However, increased concerns regarding the proliferation of multiple attack vectors were mentioned. Two thirds of IT professionals surveyed anticipate malware, phishing, unauthorized user and device access, and unpatched/at risk systems as the most “exploitable work-from-home attack vectors.”
In the matter of work applications and exposure, the research shows that businesses are also worried about file sharing (68%), web apps (47%), and video conferencing (45%), risks that could further contribute to security incidents such as unauthorized access and data leaks.