Skip to main content
close search
site logo
Dive Brief

Companies overestimate ability to manage remote worker security

Published March 2, 2021
David Jones's headshot
Reporter
CC0 Public Domain Free for commercial use No attribution required Pixabay

Dive Brief:

  • Companies in the U.S. and U.K. overestimated their ability to handle remote work, with 73% reporting new challenges in IT security, according to research from endpoint management firm Tanium in partnership with PSB Insights. The firms surveyed 500 IT decision-makers in the U.S and U.K. 
  • Companies in the U.S. and U.K. have observed a string of risky cyber practices by remote workers, ranging from clicking on phishing emails to storage of sensitive data on laptops and using inappropriate administrative access. Two-thirds of companies have boosted their cloud investments to try and regain control over security. 
  • "For the majority of the last year, companies were just trying to keep the lights on," said Egon Rinderer, global vice president of technology and federal CTO at Tanium. "But at a certain point in time, the fog lifted and many businesses realized this new era of remote, cloud-based work is here to stay."

Dive Insight:

The COVID-19 pandemic was a reality check for IT and cybersecurity executives, as 88% of IT managers were confident in their ability to handle remote work before lockdowns began a year ago.

Remote workers are building dangerous habits that are compromising data security to become more productive, including disconnecting from corporate VPN's, according to Rinderer. Workers are also granted too much administrative access in order to reduce pressure on company help desks. 

As a result, workers are engaged in risky behavior, including the downloading of unsanctioned apps and failing to update apps or apply security patches. 

"This is unsurprising given the shift to remote work, but these behaviors do open up businesses to potential risks, and its imperative that enterprises invest in modern solutions that are not degraded when dealing with remote endpoints in order to mitigate these issues quickly," Rinderer said. 

A separate study commissioned by CloudSphere shows another perception gap, as enterprises are increasingly vulnerable to data breaches due to poor enforcement of identity and access management (IAM) policy. 

While 78% of respondents claimed they were able to enforce IAM policies, 69% said enforcement issues led to unauthorized access, according to the CloudSphere study of 303 IT professionals worldwide conducted by Dimensional Research. 

The study found 32% of enterprises had unauthorized access to cloud resources and 19% had no idea whether unauthorized access took place. 

"There is a dramatic mismatch between the perception of cloud access control and the reality of policy enforcement failures," Keith Neilson, technical evangelist for CloudSphere said. "Enterprises think their policies and enforcement strategy are working, when in reality their policy enforcement failures are contributing to unauthorized access."

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Breaches
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell