Making the hybrid shift
Many organizations overlook security in the shift to remote and hybrid work. With more and more and more employees making the switch, companies’ major focus often falls on continued operations and ensuring productivity under the new normal — leaving security a secondary concern.
Yet cyberthreats are growing daily, with attackers sharply focused on taking advantage of changing work styles and new user behaviors. But as the lines between personal and professional life continue to blur, how should organizations react?
The changing threat landscape
With at least partial work from home increasingly common, the amount of data accessed outside of company space is on the rise, significantly. According to a new report from HP, 71% of employees say they now access more company data, more frequently, from home than they did before the pandemic. The most common types of data accessed are the customer and operational data (at 43% each), followed by financial and HR records (at 23% each).
At the same time, today’s hybrid workers are also using work devices for personal tasks more than ever before, opening up further possibilities for the entry of cyberthreats. A third of employees now use work devices to download more from the internet than before the pandemic, while 36% use their work devices for watching content using online streaming services. With 27% of respondents admitting to using their work device to play games more than before the pandemic (rising to 43% for parents of children aged between 5 and 16), there are myriad opportunities for sophisticated threat actors to gain access to the company devices.
Indeed, increased network attacks targeting home Wi-Fi networks and VPNs, phishing using coronavirus-themed domains that mislead to malicious sites and visual privacy breaches are all increasingly common. Add to these threats such as gaming-focused malware, and it is clear that cybercriminals are looking at all available routes to device entry. Over the past year, more than half of device manufacturers saw an increase in phishing, while 56% saw an increase in web browser related infections. More importantly, 44% saw compromised devices being used to infect the wider business.
A recent Forrester report further underscores how pervasive attacks are becoming. In the past year, more than one-third (34%) of organizations experienced a compromise of company data involving lateral movement, a homeworker device, or an overall increase in security incidents.
Securing the new world of work
While many companies know that it is critical to secure data, devices and networks wherever work gets done, many are slow to act. Only 66% of respondents in the Forrester report said they are securing employee-owned devices, while just 64% are securing the Internet of Things (IoT) devices like IoT printers.
To ensure endpoints, wider company networks, and sensitive data stay safe, IT decision-makers must take a prevention-first approach to endpoint security. Tools should focus on reducing the attack surface, not just on detection alone. Defense strategies must take account of changing device use patterns, protecting users against a host of new malware types and infection points — a challenge that often goes beyond traditional security approaches.
To help companies of all sizes smooth and secure the shift to hybrid work, HP Wolf Security offers a newly integrated portfolio of secure-by-design PCs and printers, hardware-enforced endpoint security software and endpoint security services designed to protect users from growing cyber threats. From self-healing firmware and in-memory breach detection to threat containment via isolation, HP Wolf Security reduces the addressable attack surface and enables remote recovery from firmware attacks with built-in security technology.
As more and more organizations begin hybrid work journeys, ensuring that end-user devices are properly secured should be a key starting point. The right endpoint security can help keep users, devices, networks and sensitive data safe from attack — a key goal when ensuring operations are uninterrupted and that productivity remains high.