Throughout the pandemic, we witnessed a massive shift as companies moved online. Businesses were forced to reinvent themselves with digital consumer-facing portals, and restrictions forced work-from-home policies across the globe. Now, two years in, some companies have embraced a decentralized workforce as the new normal. For example, Airbnb recently announced that employees are free to permanently work from wherever.
This new era of remote work brings many benefits to quality of life. But what’s troubling is that it still poses a significant quandary of balancing flexibility with security. A housebound workforce necessitates a massive influx of employee-owned or company-issued devices, and remote access to company networks poses a misconfigured risk.
New remote collaboration tools and software also carry potential threats that must be mitigated. Even digitally-native organizations are puzzled as to how to effectively secure the soup of remote workers, external contractors, and third-party software required to conduct business in this distributed age.
The 2022 Global State of Security Report, conducted by Infoblox and CRA Business Intelligence, shed some light on network security for work-from-home conditions. According to the report, monitoring remote access is seen as the top challenge in protecting corporate networks against threats or attacks. Below, I’ll review the study’s major takeaways to see how organizations are actively mitigating risks brought on by work-from-home, now two years into the pandemic.
The State of Remote Work
The COVID-19 pandemic truly uprooted normalcy for most knowledge workers. Since the pandemic started in 2020, 52% of organizations have accelerated digital transformation to support remote workers, the report found. In the socially distanced era, “radical decentralization” has become commonplace to stay afloat. In addition to the pandemic, worker shortages and The Great Resignation have combined to influence more flexible working arrangements.
Throughout the pandemic, 49% of organizations deployed remote corporate-owned mobile devices to their corporate network. Although company devices may be easier to tighten, employee-owned devices also increased. 44% of companies added remote employee-owned devices to their network in the past 12 months.
Companies have taken many measures to cope with digital transformation and remote work. For example, 27% added smart kiosks or similar devices to support remote customers, and were likely to enable touchless experiences. The report also found that businesses have added more resources to the network and company databases, increased support for customer portals, hired more IT staff, and moved workloads to cloud service providers. 26% even say they have closed physical offices due to the pandemic.
Coordinating the Decentralized Workforce
To increase security for remote work, IT has adopted a splattering of different approaches. Firstly, protecting the network has been key. As such, 50% of organizations added VPNs or firewalls to their network in the past 12 months. As more and more devices are added to equipment fleets, perimeter-level security must be tightened.
In general, most organizations have doubled down on their efforts in Internet Protocol (IP) management. As such, 40% of organizations now utilize a cloud-managed DDI server, and 26% added an internally-managed DDI server. For those unfamiliar, DDI incorporates the following components:
- Dynamic Host Configuration Protocol (DHCP) helps configure devices on the IP network automatically.
- Domain Name System (DNS) translates domain names into uniquely numbered IP addresses.
- IP Address Management (IPAM) for managing the assignment and use of IP addresses.
Top Cybersecurity Concerns
The threat landscape is vast and varied in today’s interconnected economy. But of all the potential cyber threats, organizations are most concerned with data leakage — 49% of respondents rated it as their topmost concern. This is likely due to the high penalties and loss of reputation that data breaches can incur. Data leakage is followed by ransomware (39%), attacks through remote worker connections (36%), and attacks through cloud services (34%).
Unfortunately, some organizations are unequipped to handle these threats. 23% of respondents feel they are least prepared to defend against ransomware in the next 12 months. This is followed by data leakage (16%), remote connection attacks (14%), and advanced persistent threats (APTs) (10%). APTs include organized threat actors, such as nation-states or hacking groups that gain access to a system for an extended period of time.
The report found that in the last year, on average, an organization suffered five unique incidents, many of which were due to phishing scams and credential stealing. But where exactly do these breaches originate? These incidents arise within a number of vulnerable locations, but weak WiFi is often the weakest link of the company network — 32% of organizations say WiFi was the access point to an attack. Cloud infrastructure, remote endpoints, and third-party supply chain providers are other most common entry points.
Investments In Remote Work Protection
Many InfoSec departments are working with a lack of budget or shortage of security skills. There’s also a general lack of visibility into worker device activity, which could stunt threat detection. As such, 78% of respondents in the U.S. expect their cybersecurity budgets to increase in 2022.
Interestingly, no specific cybersecurity category stands out as remarkably more important than the others. According to the report, leaders are looking to invest in a wide array of solutions:
- Network security tools (36%)
- Secure web gateways (34%)
- Network traffic (32%)Provisioning (32%)
- Access control and data encryption (29%)
- Threat intelligence solutions (29%)
When it comes to securing on-premise environments, popular purchase options include DNS security (28%) and network security (26%). Conversely, data encryption (37%) and cloud access security brokers (36%) are the most popular investments for cloud-based security.
The report also found that Secure Access Service Edge (SASE) is becoming more popular to protect remote access — 65% were planning or piloting such a program. We will also likely see additional investment into Domain Name Systems (DNS) — 40% of respondents planned to purchase a hybrid version of DNS security in the coming year. In comparison, 27% cite opting for the cloud-only version.
Final Thoughts
As the report spells out, “information security as it existed before the pandemic isn’t coming back.” Organized cybercrime has become a lucrative and, at times, state-sponsored activity. And, in time, hackers will inevitably leverage new vulnerabilities exposed within work-from-home setups. What’s frustrating is that getting ahead of information security is a game of cat and mouse, since cyber attacks seem to become more and more complex as the protection systems level up.
These currents underscore the need for active threat mitigation and response plans. The good news is that organizations appear to understand the severity of data exposures and are quick to issue fixes — 79% say they can respond to an incident within 24 hours. In addition to quick incident responses, the findings suggest that protecting remote work will take a combination of improved DNS perimeter defenses, cloud and network protections, and SASE frameworks.
Then, hopefully, we can all work from home with a bit more peace of mind.
The 2022 Global State of Security Report surveyed 1,100 IT and cybersecurity excision makers. Above, we focused primarily on the U.S. version of the report. For more global insights, readers can pick up the international version here.
Want more cybersecurity insights? Visit the Cybersecurity channel: