Return to Offices Triggers Endpoint Security Concerns
Security risks associated with remote employees accessing the enterprise from inadequately walled-off home networks has exposed many organizations to cyber threats, Blackberry said in a new report on unified endpoint security (UES).
Many companies have been forced to tentacle their IT security staff to meet the support needs of a widely distributed workforce, owing to escalating risks from poorly secured desktops, laptops, smartphones and other network connected devices, BlackBerry’s report, entitled How UES Protects Shifting Work Environments, said. Some not only currently support a sizable remote workforce but expect to continue to do so in the next six months.
Indeed, early on in the pandemic many organizations expected a shift to remote working would be a temporary adjustment but that has proven not to be the case, the report said. On average, more than 30 percent of organizations in the U.S., Canada and the U.K. are currently working from home. U.S. organizations expect that nearly one-quarter (23%) of their workers, compared to just 19% now, will be working from home in the next six months. In other words, security remodeling is likely here to stay.
Based on input derived from 300 IT professionals in the U.S., U.K. and Canada surveyed in November – December, 2020, organizations want technologies that “offer better visibility and control over remote desktops, laptops and mobile devices, faster security patching and stronger user authentication and privilege management,” the report said.
Here are some of the study’s key findings:
On a distributed workforce.
- 90% of respondents are concerned (35% very concerned) about workers returning to the office with unpatched systems and out-of-date software and devices.
- 35% were unsure about the ability of IT infrastructures to securely support a remote workforce.
- Roughly 20% of employees use a personal PC and 20% a personal device to access corporate data.
- 58% of respondents from U.S. companies and 43% from the U.K. described the pandemic as exacerbating problems caused by skill gaps and security awareness.
- Nearly three-quarters (74%) of respondents from financial organizations, 62% of respondents from manufacturing and 57% from IT companies have similar concerns over skills availability and security awareness.
“The concerns likely stem from the growing pressure on security teams to support a larger distributed workforce while also battling ransomware, distributed denial-of-service attacks and other threats directed at the enterprise network,” BlackBerry wrote.
- Nearly one in five employees (18%) at the average organization in the U.S., Canada and the U.K. are using a personal PC to access corporate data, and 20% use a personal smartphone for that purpose.
- Because personally owned PCs, laptops and smartphones aren’t as protected as those on IT-managed systems, corporate data on these systems is more vulnerable to data theft and leaks than data on IT-owned and IT-managed endpoints, BlackBerry said
On threat detection.
- The IT security team is a decision-maker in less than one-quarter of organizations across all three regions.
- 24% of U.S. and Canadian-based respondents and 20% of U.K. respondents said the IT security team is responsible for the remote access function.
- 45% of U.S. respondents and 40% in the U.K. said faster threat detection is the top benefit of better endpoint visibility while 46% of Canadian respondents pointed to stronger user authentication and privilege management.
- 82% of organizations want their endpoint detection and response (EDR) technology to support traditional endpoint devices and mobile devices.
- 43% expect consolidating incident detection and response to help lower total cost of ownership (42%), enable broader device support (41%) and stop the spread of attacks (40%). More than 80% consider these capabilities as essential or critical requirements for future endpoint security products.
- 11% have deployed UES, 27% plan to and 37% are currently evaluating the technology.
- 43% expressed a preference for sourcing UES components from a single vendor while 40% preferred working with multiple vendors.