Embracing the Everywhere WorkplaceIt seems despite the changes in the traditional office environment and challenges employees have undergone personally to transition during the pandemic, workforces are enjoying working remotely – and, in many cases, it has even boosted productivity. A work-from-everywhere model allows organizations to be able to recruit talent from anywhere, removing limitations of searching for employees that may live within commuting distance. The Ivanti Everywhere Workplace survey found 37% of respondents travelled to a location away from home and set up shop to work during the pandemic, and 21% moved to a new city or state – meaning companies that embrace the remote office have a competitive edge against other organizations seeking similar talent. Widening the search perimeter for talent can also help diversify workforces enriching culture and innovation. A more diverse employee base contributes to better to a healthier bottom line. Diverse companies are 70% more likely to capture new markets than organizations that do not actively recruit and support talent from underrepresented groups. However, alongside the benefits that hybrid working brings there is a significant threat to cybersecurity. In the new age of the Everywhere Workplace, employees are using numerous devices to access applications and data over a variety of networks, in multiple locations. As a result, companies are challenged with keeping employees productive, but also secure.
Strain on securityIn the initial transition to working remotely due to the pandemic, most organizations modernized their IT help desks to provide rapid support to employees regardless of location. This update put pressure on IT and tech teams were overwhelmed with additional work. Within our survey, about a quarter of employees stated they are contacting IT support between one and three times a month for various tech issues, including password resets, Wi-Fi issues and the inability to access company data. These interruptions compromise productivity but also organizations’ overall security. An overwhelming number of employees (84%) admitted to attempting to resolve their own IT issues while working from home – not only does this distract employees from their own workloads, but they may also unwittingly download unsafe or unverified applications and put company data in risk of a security breach. Cybercriminals fully understand that staff working from home are outside the traditional corporate perimeter. In fact, within Verizon’s 2021 Mobile Security Index Report, over two-thirds of surveyed respondents said risks associated with mobile devices had increased over the past year, and over 50% said mobile device risks are growing faster than any others. This increase is due in part because hackers know employees working remotely take additional risks like working on loosely secured devices and launch specific attacks aimed at them, like smishing (SMS based phishing attacks). Further research conducted by Ivanti in December 2020, found that 87% of CISOs also agree that mobile devices are now at the center of their cybersecurity strategies due to remote working. The increased attack on mobile devices puts employees’ credentials, like usernames and passwords at risk which can also increase the risk in a corporate data breach. Nearly 80% of CISOs agreed passwords are no longer an effective or secure means of user authentication for access from mobile devices to company data. In fact, passwords are the leading cause of data breaches. Passwords are responsible for 81% of all hacking-related data breaches. So, what can organizations do to decrease risks, whilst maximizing the productivity of IT teams and employees?
Mitigating risk, maximizing resultsWith a remote, dispersed workforce, companies are at higher security risk – it’s unavoidable. It’s clear that a majority of devices that employees rely on today to do their jobs aren’t protected from advanced breaches, malware, or phishing attempts. Breaches that start on mobile devices and compromise privileged credentials can go undetected for months and end up costing companies millions of pounds.
But there are steps that can be taken to reduce risk. For example, companies can ensure every potential access point to critical information and systems is from an authenticated user and secure device, regardless of where employees log in by implementing a zero-trust security strategy. Zero-trust takes the whole context of the user’s environment into consideration, not just unconnected pieces of data, before granting access.
Zero-trust is the only security framework that can enable companies to effectively defend against the onslaught of attacks and enable a trusted and secure Everywhere Workplace. With a zero-trust strategy, organizations can discover, manage, and secure devices while delivering optimal personalized experiences for employees.
Companies can also pair a zero-trust strategy with additional security features like passwordless authentication and automated verification of secure networks, achieving constant threat detection while providing a simplified and positive user experience for their employees.
The workplace of the future exists everywhere, and flexibility will be key to success. Employees want to continue to work remotely, but there is room for improvement. By providing employees with the tools for success to work from anywhere, with a security framework underpinning the processes, companies ensure the ecosystem protects employee’s productivity and protects the business.
- We feature the best business VPN.