A new report by Lookout, Inc. has highlighted the increased risks to corporate data from remote work and bring your own device (BYOD) policies. The State of Remote Work Security survey, based on responses from 3,000 remote and hybrid workers from enterprise companies in the United States, United Kingdom, France, and Germany, found that with remote and hybrid working, personal and work tasks blur together and the boundaries between the two have become more porous.
The survey revealed that 32% of remote and hybrid workers use apps or software not approved by IT and 92% of remote employees perform work tasks on their personal tablet or smartphone devices. The report highlights the dangers of these devices, apps and software, which are not visible to IT, thereby dramatically increasing an organization’s risk posture.
The report highlights that the cloud has become a crucial backbone for most organizations, with 61% of businesses in the US migrating their workloads to the cloud in 2020, triggered by the global pandemic and the need to quickly support remote work.
Providing employees with remote access to corporate data in the cloud provides flexibility and potential boosts to productivity, but this coupled with BYOD can also increase an organization’s exposure to risk. The report calls for organizations to move beyond providing access to users based on device posture and instead address how they can extend access control policies to ensure secure usage of corporate data stored in these apps.
The survey revealed that remote employees are less likely to follow data security best practices, with 90% accessing corporate networks from areas other than their home, 46% saving a work file onto their personal device instead of their employer’s network drive, nearly one in three remote employees working more than 20 hours per week on their personal tablet or smartphone device, and 45% using the same password for work and personal accounts.
These behaviors point to the need for organizations to have a completely new approach to security so that it keeps pace with the way remote users access data and collaborate with each other.
Sundaram Lakshmanan, chief technology officer at Lookout, said that the rise of remote work has resulted in a massive expansion of the corporate attack surface, with IT teams having little control over the networks from which their employees connect most of the time, which exposes both the users and corporate data to both internal and external threats exponentially.
Lookout provides tools that enable organizations to protect their users and devices, along with enforcing adaptive security policies to protect access to data stored in these corporate apps, from both internal and external threats.
