SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Months on, many organisations still don't have secure remote access - report
Thu, 28th May 2020
FYI, this story is more than a year old

41% of organisations have not taken any meaningful steps to expand secure remote access for staff who work from home, according to new research released by Bitglass today.

The data indicates many organisations are struggling with the new normal, with a further 65% of organisations allowing enterprise managed applications to be accessed on personal phones, and half of organisations cite needing ‘proper equipment' as being a barrier to implementing effective remote access.

The report analyses the extent to which businesses were prepared for the sudden shift into remote working due to COVID-19 restrictions, and analyses how organisations have adjusted to support remote workers amidst the COVID-19 pandemic.

Asked what their organisations are primarily concerned with securing while employees work remotely, 65% of respondents said securing network access. This was followed by securing access to SaaS apps like Slack (55%) and bring your own device/personal devices (55%).

“This research indicates that many organisations are not implementing the security measures necessary to protect their data in the current business environment,” says Bitglass chief technology officer Anurag Kahol.

“For example, while respondents said the pandemic has accelerated the migration of user workflows and applications to the cloud, most are not employing cloud security solutions like single sign-on (SSO), data loss prevention, zero-trust network access, or cloud access security brokers.

When asked what the most concerning threat vectors for remote work were, 72% chose malware, and 59% cited unauthorised user access.

The report found that anti-malware is the most commonly-used tool to secure remote work, with 77% of respondents citing using it.

But researchers from Bitglass argue that even this statistic is too low, along with the less commonly used tools like single sign-on (45%), data loss prevention (18%), and user and entity behaviour analytics (11%).

The study also found that compliance may be an unintended victim of the remote working trend, with 63% of respondents saying remote work was likely to impact their compliance with regulatory mandates.

With the threat to security growing in tandem with the growth of remote working, organisations wishing to keep up with the remote working trend even after COVID-19 must invest in remote effective security solutions, says Kahol.

“84% of organisations reported that they are likely to continue to support remote work capabilities even after stay-at-home orders are lifted.

“To do this safely, they must prioritise securing data in any app, any device, anywhere in the world.”