Work from anywhere (WFA) is here to stay, making new approaches to cyber security a top priority.
According to a new research study by Fortinet, only a third of employees in EMEA countries, including South Africa, have returned back to the office full time. Most companies in this region allows for a mixture of remote work up to four days per week or even permanently.
“It’s clear that WFA is here to stay but organisations see insecurity of home networks as a major concern,” says Doros Hadjizenonos, regional director: southern Africa at Fortinet. “As a result, companies are planning significant cybersecurity spending, but there is no consensus on which solutions they favour.”
Fortinet’s 2023 Work-from-Anywhere Global study assessed how organisations are responding to the major cybersecurity challenges that have come as a result of the WFA evolution and how they’re evolving going forward. The research, conducted among 570 companies worldwide, found that only 40% of companies have ordered their workforces back to the office full-time. 5
Fifty-five percent are accommodating remote work for at least some days of the week. In Europe, the Middle East and Africa, only 33% expect their employees back at the office full-time, less than the global average. The remaining 67% of companies surveyed adopt a mixture of one to four remote work days per week or even a full-time remote work policy. South African companies count among the 130 companies surveyed in this region.
In the Asia-Pacific region, which is the most restrictive of the regions surveyed, 53% of the organisations surveyed require their staff to return the office full-time. Only 41% allow for remote work some days of the week. Overall, the survey reveals a third of employees worldwide expect to stay working off-site 80% of the time, while more than half expect to continue working off-site 51% to 80% of the time.
“This indicates that WFA is a viable new model for workplaces. However, it brings with it a range of new cyber security concerns,” Hadjizenonos says. “These include employees using company laptops for personal use, compromised family devices infecting an employee’s work PC, vulnerabilities of home networks and the lateral movement for malware to enter the corporate network.”
Perhaps the most startling finding from the survey is learning that nearly two-thirds (62%) of the companies have experienced a data breach due to their WFA vulnerabilities. Organisations cite a lack of cybersecurity training as their top concern for hybrid workers. The second top concern is the limitations of securing employees working off-site. And the third top concern (which is also outlined in the Fortinet 2021 Ransomware Survey Report) is the lack of clarity on how to properly secure against a ransomware attack.
Other concerns include a lack of visibility across the distributed network, growing sophistication of the threat landscape, a lack of zero-trust access (ZTA), and an effective patching protocol.
The new environment has impacted security investment plans, with 94% anticipating an increase in their security budget to accommodate WFA policies, and 37% expecting an increase of 10% or more.
On the question of which solutions are most important to protect WFA employees, network access control topped the list, followed by anti-virus on laptops, multi-factor authentication, cloud security and secure access service edge. Those who had experienced a breach tied to WFA were more likely than others to invest in laptop antivirus, VPN, secure access service edge (SASE), SD-WAN, and zero-trust network access (ZTNA).
Some challenges are unique to the South African work landscape where loadshedding prompts WFA employees to be agile and able to move easily between their office, home and public WiFi to stay connected. They often also have to alternate between fibre and mobile networks.
“Shifting from one network to another does increase the danger for remote workers since they may need to use insecure and untrusted networks to access mission-critical corporate software. This could lead to new dangers that allow attackers to intercept unprotected communications or attack an unprotected device,” says Hadjizenonos.
To make WFA a reality, enterprises need to deploy solutions capable of following, enabling, and protecting users no matter where they are located. “They need security on the endpoint (EPP/EDR) combined with Zero Trust Network Access (ZTNA) to ensure appropriate access for employees based on user and device identity, location, device type, and posture to establish secure access.
“The challenge most organisations encounter is attempting to do this using multiple vendors. One vendor supplies the endpoint security, one manages the response to a security threat and another provides identity management and so on. The data centre, the branch, and the various cloud platforms in use may even have different security vendors deployed. With so many vendors, it is quite challenging to develop a cohesive, dependable, and integrated solution, not to mention the considerable amount of IT overhead necessary to operate such a configuration.
“Organisations need a cybersecurity mesh platform from one vendor to protect their WFA employees that delivers endpoint, network, and remote access security. This approach, designed to create a collaborative ecosystem of security solutions operating across the digital infrastructure, places security everywhere it’s needed, anywhere in the network, even as users, devices, and applications multiply and become more mobile,” he concludes.