JumpCloud Survey: Remote Work Taking a Security Toll
A survey of 400 IT professionals from small to medium enterprises published this week found three quarters of respondents concluded remote work makes it harder for employees to follow good security practices, with two-thirds (66%) admitting they are overwhelmed by the challenge of managing remote work.
More than half (56%) of respondents to the survey, conducted by JumpCloud, a provider of a directory platform, said they are spending too much to enable remote work, while just under two-thirds (62%) noted they pay for more tooling than they need to manage user identities.
On the plus side, remote management (58%), security (56%) and cloud services (50%) are the top budget priorities for the coming year, the survey found. As part of those efforts, just under a quarter of respondents (24%) said their organization has implemented a zero-trust approach to security, while a third (33%) are planning it.
The top security concerns cited in the JumpCloud survey were software vulnerabilities (39%), employees using the same username and password across apps (37%), using an unsecured network (36%) and device theft (29%).
Overall, just over half of respondents (53%) said managing remote workers is the biggest challenge IT administrators faced over the past year. A full 84% of respondents said they have already engaged or plan to engage a managed service provider (MSP) to help their organization cope. Just over a third (34%) engaged an MSP to completely manage the IT stack, while just under a third (30%) engaged an MSP to augment internal IT teams. Just under a quarter (21%) said they are exploring what an MSP can do to better support IT. The most common reasons cited for contracting an MSP to manage IT are security (51%), employee hardware (46%) and cloud services (46%).
Tom Bridge, a principal product manager for JumpCloud, said most IT teams have responded well to remote work challenges brought on by the COVID-19 pandemic. However, now that it appears a much larger percentage of the workforce will be working remotely more frequently many of those same organizations are revisiting their approach to security. The challenge they face is the need to balance the security requirements of the organization against the employee experience provided at a time when many workers can land a new job almost at will. A full 93% of survey respondents said employee experience is an important factor in any IT purchasing decision.
Of course, security training for employees is also a critical element of any remote computing strategy. Prior to the pandemic, most IT teams, on average, only worried about the approximately 10% of employees that were remotely accessing applications. Now that the percentage of remote workers has increased, end user training needs to become a higher priority.
At this point, however, it’s almost a given there will be more security incidents. As much as the focus should be on trying to prevent as many of those incidents as possible, the fact remains IT teams need to assume that, at some point, there will be a security breach involving an employees remotely accessing an IT service.
