Hybrid work is here to stay: in recent times, new flexible work models have emerged that have contributed to improving work-life balance, maintaining or even improving productivity on some occasions and giving way to the creation of new opportunities for innovation. According to Gartner, it is expected that by the end of this year, 39% of “knowledge workers” will work in a hybrid way, compared to 37% who have done so in 2022.
However, these new opportunities bring new challenges for organizations’ security teams. The security systems of companies are increasingly complex because the perimeter and the radius of action of the employees go beyond the limits of the offices. To deal with it with guarantees, we must focus on the security of access points such as PCs and printers, which represent “ground zero” for most attacks. New cybersecurity strategies are needed to prevent, detect and contain cyber threats, but also to improve remote management of PCs and mitigate the risks associated with device loss or theft.
Closing security breaches in the age of hybrid work
According to a new study and a hybrid security report from HP Wolf Security, 82% of security managers working in a hybrid work model say there are gaps in their organization’s security strategy. And it is not only a question of identifying why, but it is also necessary to analyze the channels through which the data flows. The access point is the epicenter of the hybrid worker ecosystem. Whether it’s a laptop, tablet, PC or smartphone – or associated peripherals like printers. These devices can be a perfect entry point for cybercriminals. In fact, 84% of security managers say that the access point is the source of most security threats and where the most dangerous intrusions for businesses occur.
Access points are the preferred target for criminals, as they represent an intersection point between unreliable users and vulnerable technologies. Hybrid working exacerbates the problem because devices often don’t receive the necessary protection that the enterprise perimeter provides. Remote workers’ devices and equipment can be left unpatched and inadequately protected, leaving local networks misconfigured and potentially compromised.
And then there’s also the risk that employees are in a more relaxed environment, with no colleagues to consult, making them more likely to click a risky link or open an attachment containing malware. In fact, 66% of IT and security managers say the biggest cybersecurity pain point in their organization is the potential for hybrid employees to be compromised. They mention the phishinghe ransomware and attacks through unsecured home networks as the main risks. Furthermore, employees are not only working from home, but also in coffee shops, airports and even abroad as digital nomads.
The good news is that organizations have already begun to focus their investments on hybrid work security. Currently about 71% Yo of security managers have increased budgets for hybrid workers and 82% Yo it expects this number to rise further in 2023. However, it is critical that budget is spent on the right tools, with a focus on making the access point the center of any hybrid security strategy.
The needle in the haystack of hybrid work
Another priority for IT and security teams is improving remote management of devices. In the age of hybrid work, this has become more complex and necessary. Cloud technologies have helped reduce the workload in this regard, but they are not 100% efficient. about 70% Yo of security managers say hybrid work increases the risk of device loss or theft. But what happens when the remote computers are turned off or disconnected? Finding or protecting the data on these devices may be impossible, posing a significant risk if it contains personally identifiable information (PII), intellectual property (IP), or trade secrets.
With workers constantly on the move, the risk of human error is greater. And there will always be criminals on the lookout for devices to hijack. This only increases the risk, especially in highly regulated sectors such as public administration, where a lost or stolen laptop could pose a national security risk.
A new way to connect
So what can IT managers do to reduce these risks? The first step is to find a new way to connect to remote computers through mobile networks. This means that devices can be managed even when they are turned off or disconnected. More importantly, this functionality could be used to connect to lost or stolen devices and then lock and wipe them. This will not only reduce the risk of data loss and breach, but can also lower IT costs by reducing the need to repair or replace PCs.
A more resilient and secure connection to remote computers will also reduce the time and effort required to resolve support requests. Teams can accurately report where and when devices disappeared and how long it took to lock or wipe them. HP has been working on creating this type of connectivity solution for IT management and its new HP Wolf Connect service now allows IT managers to manage devices even when they are turned off or disconnected.
This should be part of a new approach to security in the hybrid work environment that takes into account the risks and challenges that characterize a more flexible work model. Around 80% of organizations already claim to have deployed different tools and policies to protect staff working in hybrid environments. But the key here is that these tools and policies require moving away from old perimeter-controlled thinking. The access point must become the heart of protection in the hybrid age. Embracing hardware-enforced security features and protection above, within, and below the operating system—such as application isolation—will be key to protecting users without compromising the privacy that hybrid working enables.
61% of organizations say that protecting their hybrid workers will be more difficult next year. But it shouldn’t be like that. By improving remote management and adopting hardware-enforced security, users can unleash their creativity and be more productive without exposing themselves to additional cyber risks. At a time when sustainable growth is critical to all businesses, we need to optimize the hybrid workforce experience.
Signed: Inés Bermejo, CEO of HP Iberia
