The past year is likely to be remembered as a shining example of when IT teams large and small rose to meet an extreme challenge. Brought on by a COVID-19 pandemic, IT teams were required to move the bulk of the workforce to work from home (WFH) with only a few days of notice.
A survey of 400 IT professionals from small-to-medium enterprises conducted by JumpCloud, a provider of a directory platform, finds just over half of respondents (53%) said managing remote workers is the biggest challenge IT administrators faced over the past year. Two-thirds (66%) of respondents admit they are overwhelmed by the challenge of managing remote work. The next big challenge for IT teams is to enable employees to work from anywhere (WFA), anytime, forever.
Prior to the pandemic the number of employees that worked remotely were a small percentage of an overall workforce that sat within the confines of an office protected by firewalls and a raft of other cybersecurity technologies. Now that perimeter has all but been obliterated. The endpoint connected to a wireless network in the home that has typically been acquired and configured by an employee or a member of their family is now the edge of the corporate network.
Establishing Best Security Practices
Not surprisingly, three quarters of respondents have concluded remote work makes it harder for employees to follow good security practices. More than half (56%) of respondents also noted they are spending too much to enable remote work, while just under two-thirds (62%) noted they pay for more tooling than they need to manage user identities.
On the plus side, remote management (58%), security (56%), and cloud services (50%) are the top budget priorities for the coming year, the survey finds. As part of those efforts, just under a quarter of respondents (24%) said their organization has implemented a zero-trust approach to security, while a third (33%) are planning it. The top security concerns are software vulnerabilities (39%), employees using the same username and password across apps (37%), using an unsecured network (36%), and device theft (29%).
The issue that all IT teams continually struggle with is how to balance the need for increased security against the need to provide a work experience that employees will embrace, says Tom Bridge, a principal product manager for JumpCloud. In a lot of cases, IT professionals are not being paid enough to deal with this level of stress and the long hours that are often routinely put in, adds Bridge. “Compensation is an issue,” he says.
Also read: How to Protect Endpoints While Your Employees Work Remotely
Improving the Work Experience
In general, IT issues have become a bigger part of the hiring and retention conversation for all employees. It’s relatively easy these days for employees to find a new job, so if the IT experience is perceived to be subpar there’s a higher chance employees will leave to go work somewhere else. A recent survey of 1,003 individuals conducted by Eagle Hill Consulting, found more than three quarters (78 percent) of respondents said technology makes their job harder. Nearly two thirds (65%) said technology makes their day-to-day work experience frustrating, while more than a third (35%) said they are generally frustrated with the technology employed within their organization.
To improve that work experience, organizations, in many cases, use software-as-a-service (SaaS) applications that can be accessed from anywhere. Rather than requiring employees to log into a legacy application running in a local data center using a cumbersome virtual private network (VPN), organizations are employing a wide range of SaaS applications that are generally much more resilient in terms of availability. In many cases, VPNs are being replaced altogether by secure access service edge (SASE) networks that are managed via the cloud.
Some organizations have even gone so far as to swap out wireless network access points in the home with enterprise-class access points that can be managed via the cloud, notes Steve Brar, senior director for product marketing at Aruba. “Access points in the home are being replaced,” he said.
Also read: Securing Work-From-Home Networks to Safeguard Your Business
WFA Security Measures
Security is the top of mind WFA issue. A recent survey of 300 IT professionals, conducted by International Data Group (IDG) on behalf of Blackberry, finds well over half of respondents in the U.S. (58%) also noted the pandemic exacerbated problems caused by skills gaps and security awareness — with more than a third (35%) still unsure about the ability of IT infrastructures to securely support a remote workforce. As a result, the survey finds the bulk of IT organizations will be revisiting endpoint security in the months ahead. For example, 21% of respondents plan to implement endpoint detection and response (EDR) capabilities, while 31% are evaluating it. Nearly one-third (32%) have already implemented EDR.
Overall, Gartner is forecasting worldwide spending on information security and risk management technology and services will grow 12.4% to reach $150.4 billion in 2021. That comes on top of a 6.4% increase in cybersecurity spending in 2020.
Finally, organizations also need to make sure they have the data protection capabilities required to recover a pristine copy of their data in the event of a ransomware attack.
It will be up to each organization to determine to what degree they want to rely on their existing internal IT team versus the expertise of an external IT services provider to address their WFA requirements. In the last year managed service providers such as CRITICALSTART have experienced massive growth as more organizations realize that finding and retaining the appropriate level of IT expertise to securely enable remote computing is a major challenge, said company CTO Randy Watkins. “Our business is up 100% year over year,” he said.
One way or another, many IT environments in the weeks and months ahead are due for a makeover. The goal is to do nothing less than to provide a great, secure user experience that is available anytime from anywhere. Anything less than that is now simply unacceptable.
Read next: EDR vs EPP Security Solutions