New Study Highlights the Remote Workforce Security Challenge

It should come as no surprise that the COVID-19 pandemic fundamentally changed how we work. Remote working, once considered a luxury or a perk, has now become a common feature of many organizations worldwide. Moreover, the concept of remote work has expanded beyond traditional “Work from Home” (WFH) arrangements to a broader concept known as “Work From Anywhere” (WFA).

However, with this shift, organizations face significant challenges in ensuring the security of their remote workforce. According to a recent study, despite the growing popularity of remote work and the increased reliance on technology, many companies still have a long way to go in effectively securing their remote workforce.

From WFH to WFA

While WFH used to be the common acronym associated with remote work, the term WFA is starting to replace it.

While WFH typically involves employees working from their homes or a designated remote location, WFA allows employees to work from any place of their choice, whether it’s a coffee shop, a co-working space, or while traveling. This change has arisen due to several factors, including technological advancements, the increasing demand for flexible work options from employees, and the impact of the COVID-19 pandemic, which accelerated the adoption of remote work practices globally.

Security is Lagging Behind WFA Adoption

Remote work has become the new norm for many organizations. But here’s the catch: most organizations still need to catch up in implementing crucial security measures to protect their remote workforce, as revealed in a recent report by Fortinet.

According to a recent global study, an eye-watering 62% of the 540 respondents said their companies experienced a data breach during the past two to three years that could be attributed to an employee working remotely.

The stark need for proven cybersecurity tools and techniques across many organizations is equally concerning. For example, basic security measures, such as antivirus on corporate devices (62%), multifactor authentication (59%), and secure web gateways (53%), were implemented by only half of the organizations surveyed. In addition, VPNs (51%) and firewall requirements on personal devices (48%) needed to be improved, despite being considered crucial security technologies for remote workers.

Moreover, network access control was identified as a top priority, yet only 58% of respondents deployed it. Perhaps more alarmingly, the fact that 92% of respondents have plans to implement VPN in the next two years highlights the considerable progress organizations still need to make in securing their remote workforce.

Notably, organizations that experienced a breach due to a remote employee were more likely to invest in antivirus, VPNs, secure access service edge (SASE), SD-WAN, and zero-trust network access. This suggests that organizations understand the critical link between robust, modern cybersecurity tools and techniques and the likelihood of falling victim to a cyber-attack. Still, the report suggests that organizations are still figuring out the best protection measures to implement.

Lastly, while many organizations need more cybersecurity controls for safeguarding remote workforces, they’re still interested in more advanced security controls. For example, while advanced security controls, like zero-trust networks (29%) and extended detection and response (XDR), were not widely deployed, interest in implementing them was high, at 72% and 79%, respectively.