Working remotely has posed security challenges for IT leaders, finds Thales Survey. According to a recent Thales research, COVID-19 rapidly brought in the era of remote work, presenting new dangers that IT professionals are trying to handle with existing security technologies. Traditional security technologies like VPNs are still the primary vehicle for employees accessing apps remotely, according to six out of ten UAE respondents, which is presumably why 87 percent are concerned about the security risks/threats of employees working remotely.
These are some of the key findings from the Thales Access Management Index 2021, a global survey of 2,600 IT decision makers commissioned by Thales and conducted by 451 Research, a division of S&P Global Market Intelligence, to better understand the new security risks and challenges posed by the COVID-19 pandemic-related rise of remote working and cloud transformation.
Last year, cybercriminals took advantage of the COVID-19 outbreak and the shift to remote work, resulting in a 150 percent increase in ransomware attacks. The effects of the pandemic, according to the Thales survey, have had a significant impact on security infrastructure, particularly access management and authentication frameworks, forcing organisations to adopt modern security strategies like Zero Trust to support the demands of a more mobile and remote workforce.
According to the survey, respondents have a variety of remote access methods in place. When questioned about the technologies in use, the most prevalent response was VPN, which was identified by 60% of IT experts. Following soon behind were virtual desktop infrastructure, cloud-based access, and zero trust network access/software defined perimeter (ZTNA/SDP). When asked what new access technologies they planned to adopt as a result of the pandemic, nearly half (44%) said ZTNA/SDP was the top choice.
Thales also looked into respondents’ ambitions to go beyond standard VPN environments, finding that over 40% aim to replace their VPN with ZTNA/SDP and 38% plan to use a Multi-Factor Authentication (MFA) solution. This demonstrates that the demand for more advanced authentication capabilities is driving change in many organisations and is seen as a critical enabler of Zero Trust security.
“Seemingly overnight, remote access went from being an exception to the default working model for a large swath of employees. As a result, businesses are navigating a volatile and complex world, and adopting a Zero Trust model of cybersecurity will enable them to continue to conduct operations safely amidst the uncertainty,” said John Doley, Director for Access Management at Thales for META region.
Added, “One of the core barriers businesses face when starting their Zero Trust journey is the balance between locking down access without interrupting workflow. People require access to sensitive data in order to work and collaborate and business leaders will need to ensure that a drop in productivity doesn’t become an unwanted side effect. The research shows that IT professionals increasingly see access management and modern authentication capabilities as key components in achieving a Zero Trust model.”
According to the Thales report, respondents that want to improve access environments choose Zero Trust solutions, but many are still in the early stages of deployment.
According to the study, just about a third of respondents (30%) claim to have a formal strategy and actively support a Zero Trust policy. Furthermore, nearly half (45%) are developing, investigating, or evaluating a Zero Trust strategy. Surprisingly, less than a third (32%) of respondents said Zero Trust has a significant impact on their cloud security approach.
The acceleration of improved techniques to access security is a silver lining of the pandemic-driven rush to remote working. According to Thales, 55 percent of respondents had implemented two-factor authentication in their organisations. There was significant regional variance, with the UK leading (64 percent), followed by the US (62 percent), APAC (52 percent), and LATAM (47 percent) (40 percent ). These differing levels of adoption could be attributed to the priority given to improving access control in security initiatives.
Despite the well-known shortcomings of passwords, MFA still trails other security measures such as firewalls, endpoint security, SIEM, and email security in terms of investment. The key use case for MFA adoption is still remote access users (71 percent ). One-third of those who have implemented MFA employ more than three separate authentication technologies, indicating a future need for a more unified approach to access control.
Another important factor is worker knowledge of the hazard landscape that evolves as a result of remote working. The human aspect is a critical pillar in cybersecurity, and having well-trained personnel is critical to reducing the dangers of new risks posed by remote working.
“Security tools and approaches need to adapt to better support the era of remote working,” said Eric Hanselman, chief analyst at 451 Research, part of S&P Global Market Intelligence. “The shift towards a Zero Trust model, along with increasing use of modern authentication technologies, like adaptive and multifactor authentication (MFA), will improve organisations’ security posture. This will be an exciting space to watch as businesses continue to deal with dynamic workplace environments.”