A report released by Menlo Security highlights growing concerns about securing users as the trend for hybrid and remote working is set to remain. The new report, ‘Securing the new workplace reality’, presents the results of a survey of 545 IT decision makers in the US and the UK, including a third at C-level. It looks at attitudes to securing remote access to applications and resources and the adoption of zero trust solutions.
While most respondents (83 percent) say they are confident in their strategy for controlling access to applications for remote users, three-quarters are re-evaluating theirs in the wake of new ways of working and the growth in cloud application use. While half of employees are currently working remotely or adopting a hybrid approach, around two-fifths (42 percent) are expected to be continuing to do so in 12 months’ time.
According to the findings, three-quarters (75 percent) of organizations continue to rely on VPNs (virtual private network) for controlling remote access to applications, which rises to 81 percent for organizations of 10,000+ employees. For around a third (36 percent) of organizations a zero trust approach also forms part of their remote access strategy.
“It seems that most businesses are confident in their remote access security, yet are still relying on a traditional and inherently insecure way of doing things using VPNs, which give access to everything on a network,” said Mark Guntrip, senior director, cybersecurity strategy at Menlo Security. “With only a third currently using zero trust network access, there’s a real opportunity to provide users with access to only those applications and resources needed to do their job. When you start to adopt this approach across everything you do then your whole security mindset changes.”
The top reason for implementing a zero trust solution is improved security, according to 60 percent of respondents, regardless of whether they are using it or not. One third (32 percent) point to ease of use, while speed of access and scalability are both more widely recognised among those already adopting a zero trust approach. Significantly, 40 percent of respondents believe that implementing a zero trust solution places less pressure on IT.
Despite overall confidence by global IT decision makers in the robustness of their strategy for controlling application access for remote users, the research also shows that:
- Three-quarters of respondents believe that hybrid and remote workers accessing applications on unmanaged devices poses a significant threat to their organization’s security. Despite this, around a fifth still allow unmanaged devices – laptops, desktops and mobile devices – to connect to corporate applications and resources.
- While the majority (79 percent) of respondents have a security strategy in place for remote access by third parties and contractors, there are growing concerns about the risks they present, with just over half (53 percent) planning to reduce or limit third-party/contractor access to systems and resources over the next 12-18 months.
The survey was conducted among 545 IT decision makers from organizations with 1,000 or more employees across the U.S. (265) and U.K. (280). One third of respondents (31 percent) were C-level and the top three industry sectors were Manufacturing (15 percent), Banking & Finance (14 percent) and Healthcare (14 percent). Sapio Research conducted interviews online during August and September 2021 using an email invitation and an online survey.