Hybrid Worker Risks
Organizations are under pressure to secure their remote workers, but they are also worried about the potential impact on user experience. Can they have it both ways without compromise?
The pandemic has forced organizations to alter their business models overnight, requiring them to pivot to remote work at full throttle. However, as employees receive their vaccinations, organizations are beginning to think about returning to the office. Per Gartner, 64% of workers are currently home based and post-pandemic, between 30-40% will stay remote.
Capgemini Research Institute data suggest that the future workforce, in all probability, is going to follow a hybrid model. This means that employees will potentially be distributed across many locations, from traditional factories to office cubicles to family homes and shared apartments. This new normal may have several business benefits — however several new challenges and security risks also emerge.
Let’s take a look at the top 5 challenges:
1) Expanding attack surface
One of the direct implications of hybrid working is that employees may use their home devices and WiFi to access corporate data instead of using office infrastructure. In traditional workspaces, security teams supporting the perimeter can monitor corporate resources across the network but in the case of remote workspaces, devices are typically not monitored at all. Any device can serve as a potential network entry point. According to research, 77% of remote employees are using unmanaged and unsecured devices to access corporate systems.
2) SaaS and web app security risks
Today, more than 90% percent of all workloads are being processed in the cloud. SaaS applications and the public cloud can be tricky to secure because IT has limited control and can find it challenging to enforce data protection measures. An overwhelming majority of cybersecurity leaders consider cloud applications and services to be a major security risk.
3) Risk of Shadow IT
Shadow IT is a phenomenon that has exploded in recent years due to the growth in cloud services. Companies often have unsanctioned or outdated software lurking on their network completely unknown to the cybersecurity teams. This type of practice is surprisingly common, owing to the wide availability of multiple cloud-based apps and services that users have managed to hide from organizational approval. This behavior often gets exacerbated when employees operate remotely. The average company has 975 unknown cloud services with Shadow IT cloud usage estimated to be 10x the size of known cloud usage.
4) Poor remote employee experience
Managing employee experience is a process of ensuring that each touchpoint with the business is a positive one. But the rise of cloud infrastructure has created many hurdles for users to access their data across different apps and environments. This leads to disconnected experiences, too many interfaces to navigate, and too many logins to manage. Users can also be subjected to poor application performance owing to bandwidth constraints. On top of this, security teams hinder productivity by using a ‘prohibitive approach’ that restricts users from accessing websites and applications, which is a major cause of frustration for users. Many IT teams still lack knowledge of the remote employee experience and continue to cause disruption and downtime.
5) Limited Insights and Visibility
With the workforce becoming increasingly hybrid, it will become even more challenging to keep track of the growing number of non-traditional assets such as personal devices, IoT, Shadow IT, cloud services, etc. This leaves cybersecurity leaders with more questions than answers. The majority of organizations (64%) lack confidence in their security posture owing to inadequate visibility. Further, around 6 in 10 organizations claim awareness of fewer than 75% devices on their network. Visibility into data, users, devices, applications and services, isn’t just key to securing company data; it’s also key in fine-tuning systems to improve performance and remote user experience.
How a secure digital workspace can help deliver more for the hybrid workers
Connected workplace solutions enable the familiar work environment for virtually any endpoint device, anywhere while adding flexibility and helping to improve the remote employee experience, boost security together with Citrix Workspace and secure internet access, deliver greater productivity and user experience. This collaborative approach results in greater control and visibility of infrastructure for IT teams.
With the global workspace market is expected to grow in excess of $40 billion and become the backbone of a hybrid workforce, let’s take a look at the top reasons why:
Better user-experience: Plug-ins for popular SaaS applications and single sign-on help employees move through a streamlined, unified interface without having to log in and out of applications and navigate complex, disconnected interfaces. Users can access files from any location and sync their files from a single contextual interface that automatically adapts based on type of device. AI and machine learning help automate routine tasks, and this helps improve productivity and reduce employee burnout.
End-to-end security: Digital workspaces are secure by design. They serve as the single point of entry for all traffic and therefore provide complete visibility for all users, data, and applications. They’re designed to recognize user patterns and behaviors, granting or restricting access based on the context and situation, boosting productivity and employee experience, regardless of the device they are logging from. Such platforms help enforce enhanced security policies for SaaS applications, allowing you to monitor, block and isolate unauthorized applications.
Actionable intelligence and real-time visibility: Digital workspaces correlate data across a number of sources like apps, devices, networks, and data access, providing a risk profile for each user. The platform is equipped with AI-driven security analytics that provide the ability to take automated actions if required. It also provides insights on cloud-app usage so that businesses can decide whether to continue with a cloud investment or not.
A few years ago, digital workspaces seemed like a fad, much as remote working did. Given the evolving landscape of workplaces, many organizations now believe that digital workspaces truly holds the power to empower and secure a global hybrid workforce.
By Gary Taylor
Gary Taylor is a workspace offering manager and architect for Capgemini, responsible for developing end user transformation services for the company’s Connected Workspace offerings globally. Capgemini is a global leader in consulting, digital transformation, technology, and engineering services. A multicultural company of 265,000 people in nearly 50 countries, Capgemini’s purpose is to unleash human energy through technology for an inclusive and sustainable future. With Altran, the Group reported 2019 combined global revenues of €17 billion.