The coronavirus pandemic has forever changed the way we work. Individuals with desk jobs, in particular, now have more options in terms of where they work and live, and how they manage their time. Some will return to onsite facilities, while others will remain in home offices.
Organizations are now called to support a hybrid workforce future that offers potential benefits for both workers and enterprises. For example, employees are often more productive at home , and companies may be able to save on real-estate costs.
Yet, this landscape also comes with new security risks associated with less secure, at-home Internet connections and an expanded attack surface with numerous endpoints.
Participants agreed that the lack of a traditional security perimeter represents perhaps the biggest challenge to organizations in the hybrid work environment .
The loss of a clear perimeter will be a big hurdle. With people at home, the security threats could come from anywhere and any device!
Clare Brown @ClareBrownIDG
The perimeter has been coming down for the longest time. Which is why zero-trust network technology is becoming so popular.
Ben Rothke @benrothke
However, new risks come from employees who may be less attentive in a work-from-home environment, according to author and journalist Steven M. Prentice.
Wayne Anderson, security architect at Microsoft, also pointed to user behavior as a significant risk factor.
In other words, the perimeter can no longer provide the level of security that today’s organizations need.
What are the endpoint security challenges in the return-to-work and hybrid workforce? The IDG TechTalk participants cited user devices acting as Trojan horses as one of the biggest challenges facing IT departments in the hybrid work world.
A lot of these endpoints may have #malware that has been loaded on them. Now that they are back in the office, they can infect local devices. Industrial networks can be particularly susceptible.
Ben Rothke @benrothke
The risk is heightened the longer devices spend away from the protection of corporate networks. As enterprise technology leader Larry Larmeu tweeted:
As for the most destructive malware that can infect those endpoints, Rothke singled out ransomware.
Ransomware is as profitable as it’s easy. A single successful ransomware attack enables attackers in third-world countries to retire & support their entire family.
Ben Rothke @benrothke
What capabilities do IT security teams require to more easily manage and maintain endpoint security in the hybrid workforce? Employee training can effectively counter ransomware that targets user devices, according to TechTalk participants.
#ransomware is increasing & firms need to create a formal approach to deal with it. Ransomware targets the endpoint as it’s the mechanism to get into corporate networks. Ensure users are well-trained to deal with ransomware.
Ben Rothke @benrothke
Of course, training can only go so far. Technology, including artificial intelligence (AI), also has a critical role to play.
How does real-time visibility into endpoints benefit IT security teams and the hybrid workforce? Real-time visibility into abnormal usage patterns makes all the difference between a compromised company network and secure operations, participants agreed.
If you don’t have real-time visibility into #endpoints, threats will remain unknown and continue to propagate. You can’t stop what you have no visibility into.
Ben Rothke @benrothke
But no amount of visibility can compensate for bad decision-making, as senior technology leader Amélie E. Koran pointed out.
The issues are having automation or appropriate staff (& procedures) to address incidents or events encountered. That’s the challenge: Knowing how and what to automate. Visibility is only as good as the decisions it supports.
Amélie E. Koran @webjedi
In other words, technology depends on people to help secure the hybrid workplace. That includes employees with proper training to avoid phishing scams and other attacks that prey on inattentive users. And the right training and skillsets for IT professionals to keep an eye on abnormal activity that technology might surface on attacks in progress.
As technology advisor Arsalan Khan put it:
