A new culture of hybrid work patterns has emerged, bringing new opportunities to innovate and improve wellbeing. According to research by Gartner, 51% of US knowledge workers are projected to work “hybrid,” and 20% to work fully remotely in 2023. However, with these new freedoms come new priorities for security teams.
Securing the enterprise has become more complex because the perimeter has become blurred. The endpoint is the center of the hybrid worker’s world, making it a preferred target for attackers. In fact, 84% of security leaders say the endpoint is the source of most security threats and where the most business-damaging cyber threats occur. This is exacerbated by the fact that the devices frequently do not receive the protection provided by the enterprise perimeter, leaving them vulnerable to attack.
The risk of employees being in a more relaxed environment with no colleagues to consult makes them more susceptible to clicking on risky links or opening attachments containing malware. Two-thirds (66%) of IT and security leaders say the greatest cybersecurity weakness in their organization is the potential for hybrid employees to be compromised. They cite phishing, ransomware, and attacks via unsecured home networks as the top risks. Employees are not just working from home but also in cafes and airports, and perhaps even living the digital nomad lifestyle abroad.
However, organizations appear to be focusing their investments on securing hybrid work. Four-fifths (82%) of security leaders have increased budgets specifically for hybrid workers, and 71% expect this focus to increase further in 2023. Budgets need to be targeted at the right tools, with a focus on making the endpoint front and center of any hybrid security strategy.
Better remote management of devices has become both more complex and necessary in the hybrid era. Cloud technologies have helped to reduce the workload here, but they’re not 100% effective. Some 70% of security leaders say hybrid work increases the risk of lost or stolen devices. Finding or securing the data on these devices could be impossible, which is a significant risk if they contain personally identifiable information (PII), intellectual property (IP), or trade secrets.
IT managers need to find a new way to connect with remote computers over cellular networks, which means devices can be managed even when turned off or offline. Crucially, such functionality could be used to connect with lost or stolen devices and then lock and wipe them. This will not only reduce the risk of data leaks and breaches, it can lower IT costs by reducing the need for PC remediation or replacement.
Around 80% of organizations already claim to have deployed different tools and policies to protect hybrid working staff, but these tools and policies require a move away from old perimeter-focused thinking. The endpoint must become the focus for applying protection in the hybrid era. Adopting hardware-enforced security features and protection above, in, and below the OS, such as application isolation, will be key for protecting users without impinging on the freedoms that hybrid work allows.
Nearly two-thirds (61%) of organizations say protecting their hybrid workers is going to get harder over the coming year. By enhancing remote management and adopting hardware-enforced security, they can unleash user productivity without inviting extra cyber-risk. At a time when sustainable growth is critically important to all businesses, we need to optimize the hybrid workforce.