Five big remote work security challenges and how to address them

Dec. 21, 2021
All organizations should employ security tools that can protect data anywhere it moves

The rapid transition to remote work since March 2020 has created a new normal for organizations, which now confront decisions on when to return to the physical office, if at all, and in what capacity. According to PWC, research shows that when faced with the option of fully remote, fully onsite or hybrid work, employees overwhelmingly pick a hybrid model, suggesting all organizations will need to adapt to a range of remote and in-office preferences that may change depending on pandemic conditions and a range of other factors.

This flexibility, once a luxury, is now a necessity. Workers require secure access to data from anywhere using cloud applications, and their productivity depends on both their ability to stay secure and the quality of their experience, including the speed and reliability of their network connections. Is modern infrastructure ready for permanent remote work? Here are five remote work challenges that need to be addressed first.

  1.  The Great Resignation

Described as the so-called “The Great Resignation,” the supposedly mass movement of employees rethinking their jobs, employers and work-life balances in light of the pandemic is not only a fascinating psychology study—it’s also a security risk. In the last 30 days of employment, employees that have resigned from their jobs upload 3x more data to personal apps. Specifically, Google Drive and Microsoft OneDrive instances are the most popular targets. As this trend continues, there are extensive potential security risks to monitor as users leverage personal cloud apps to take data with them when they leave.

Therefore, an organization’s security architecture must provide context for apps, cloud services, and web user activity, and apply Zero Trust controls to protect data wherever and however it’s accessed. By having more secure internal security controls, companies can prevent data loss before it starts, especially as organizations continue to stay remote or implement a hybrid model.

    2. Using Home Wi-Fi Networks without Jeopardizing Security 

Perhaps the biggest draw to the work from home model is the convenience of working anywhere - as of June 2021, at least 70% of employees have continued to work remotely. Unfortunately, it is well-known that public wifi usage on company devices leaves gaps in cybersecurity protection. Prior to the remote shift, secure in-office Wi-Fi networks gave peace of mind to employers. Now, employees are using their own home and public Wi-Fi networks to remain productive, without the protections that may come with an employer’s network. By adopting a Zero Trust security model, enforced with continuous and consistent internal security training, organizations can take a proactive step in protecting their business from such threats.

The ideal state is one of continuous adaptive trust, in which organizations use context to achieve a real-time, continuous view of data access requests, the risks they create, and how to mitigate those risks. This includes identifying users, classifying the data being accessed, and looking at the applications used on the network. This will help organizations better understand who is causing the risk, where it is coming from, why they are taking specific actions, and how this may affect company data.

  1. Shadow IT

Organizations with 500–2,000 employees now use on average 805 distinct cloud apps per month, 97% of which are shadow IT apps that are freely adopted by business units and users. This leaves massive gaps that IT professionals in an organization are unable to monitor, making it easier for malware to infiltrate a company’s network.

In order to combat these threats, organizations need to implement cloud data protection (DLP) for sensitive data from internal and external threats across the web, email, Software as a Service (SaaS), and public cloud services. This can be done by implementing granular policy controls for data protection, including controlling how data moves to and from apps, between company and personal instances, users, websites, devices, and locations. Simultaneously, DLP must be implemented for sensitive data from internal and external threats across web, email, SaaS, shadow IT, and public cloud services to make an impact on an organization’s security posture.

  1. Ineffective and Irregular Risk Assessments

Organizations must ask themselves when the last time was they performed a risk assessment of their cybersecurity systems. Most companies do not perform or review their risk assessments often enough. Cybersecurity is not static; it is constantly evolving just like modern attackers, which requires constant monitoring.

 with that said, risk assessment is a crucial factor to a company’s security architecture that must be integrated into cyber practice. Organizations should consider using advanced analytics to visualize and uncover app and data activity risks, threat activity, data protection violations, key security metrics, and investigative details. In addition, training employees regularly while encouraging them to flag suspicious activity in the cloud will help IT teams stay one step ahead.

  1. Workload exposure

More than 35% of all workloads are exposed to the public internet within AWS, Azure, and GCP, with RDP servers—a popular infiltration vector for attackers—exposed in 8.3% of workloads. As an organization adopts cloud services, it’s increasingly important to evolve access to key enterprise applications – no matter where they are. Moving beyond legacy virtual private networks (VPNs) for remote network access, to a modern, application-specific model is essential as an organization uses applications within data centers and public clouds.

This means utilizing Zero Trust Network Access (ZTNA) for private apps in data centers and public cloud services. ZTNA provides an additional level of security that cannot be achieved by a VPN alone because it has the ability to authenticate any company device regardless of location, which can significantly reduce exposure of apps and limit unwanted network lateral movement.

The future of work will remain uncertain. All organizations should employ security tools that can protect data anywhere it moves and regardless of whether work stays hybrid, remote-first, or office-first. Addressing these five remote work challenges is an actionable set of steps to take now.

About the author: Ray Canzanese is the Threat Research Director at Netskope.