Source: pexels
The hybrid workplace is here to stay. It provides flexibility, convenience, and better work-life balance to employees. But it also comes with IT security issues. This is what the recent IDC report titled, “Security in Hybrid Work Era” revealed. The report focused on IT security among Asia Pacific organizations and the challenges they face when implementing security in a hybrid work model.
Based on respondents’ answers, security has become a top priority for IT leaders in this region. In particular, security teams are concerned about “employees’ access to insecure devices, networks, and data resources.” This is also known as shadow IT—the use of IT-related software and hardware without the formal approval of the company’s IT department.
Among organizations, 51% said they are concerned about devices accessing sensitive information on unmanaged devices and networks. Meanwhile, 46% were concerned about compliance, 43% are worried about devices communicating over unsecured connections, and 40% said they are concerned about inability to monitor the security posture of work devices.
Moreover, trends indicate that cyberattacks are now the fastest-growing crime on a global scale. Organizations recognize this and have put their money where their mouths are since security has become the second-largest IT investment in the Asia-Pacific region.
“Leaders should not think hybrid work means a sacrifice for security. Although there are more security challenges for organizations to address in hybrid work environments, having IT security strategies with measurable KPIs, and the right security products will bring tremendous value to productivity and business growth,” said Research Director, Dr. Lily Phan.
The report also provides insights on organizations’ security infrastructure and other areas of investment. It also includes recommendations on how to strengthen overall IT security for organizations. On the other hand, vendors targeting this sector of IT security will also find cases that could help them in building their campaign for their products.
Using Automated Solutions to Secure SaaS Apps
Even before the popularity of hybrid work setups, employees have been using their own apps and devices at work. However, the global adoption of remote work and the hybrid workplace seemed to have normalized the practice. As more employees leave the confines of their offices and transfer to their homes or other remote locations to work, the issue of shadow IT will most likely continue.
When it comes to apps, SaaS products have become the biggest category of shadow IT. That’s because as cloud-based services, employees can easily use SaaS apps on any device and from any location. SaaS apps can also quickly spread among different users within the company since an employee could recommend one product to another colleague. Other employees are encouraged to use the apps since they facilitate smoother collaboration. In other words, employees use SaaS apps because they enable them to do their work faster and fill gaps in their company-sanctioned IT tools.
The downside is IT departments will not be able to monitor security and provide support for these apps. They might not even be aware that employees are using certain apps. Therefore, the lack of visibility does pose security risks like ransomware, phishing, SQL injection, and password attacks.
As the IDC report recommended, setting security KPIs could be an effective way to prevent breaches. We’ll add to that automated security monitoring not just for IT-approved apps but also for third-party apps. Automated solutions provide 24/7 monitoring and help remediate SaaS misconfigurations. They can help IT teams mitigate threats, decrease incidents, navigate risks, and go from a reactive security approach to a proactive and focused one.
Why is FinancesOnline free?
Leave a comment!