The COVID-19 pandemic has like no other event has had a profound impact on IT so it should not come as a surprise to see cybersecurity priorities changing. A global survey of 937 IT professionals published by Netwrix, a provider of compliance tools, finds network and data security are now each tied for first as the top priority for more than three quarters of respondents (76%).
Just over half (52%) are also prioritizing security awareness of employees as it’s become apparent many of them will be working from home for potentially months to come. A separate survey of 3,000 individuals conducted by Blind, anonymous online community of professionals, finds 91% said the organization they work for has delayed plans for returning to work well into 2021.
The challenges when it comes to securing the networking services on which those end users are naturally myriad. A survey of 1,077 IT professionals conducted by Zogby Analytics on behalf of Infoblox, a provider of networking appliances and software, ranks distributing sanctioned devices (35%), building network infrastructure (35%), and securing the network (29%) as top IT challenges when transitioning to remote work.
More than two-thirds (68%) said threat mitigation and network visibility remain the top security concerns for the remote work environment. Specifically, respondents are looking for better visibility into devices on the corporate network (65%), cloud applications workers are using (61%), and compromised devices (46%).
Much of the immediate focus on network security is going to be about what do about virtual private networks (VPNs). When less than 10% of employees are working remotely VPNs are sufficient to the task a t hand. However, when as much as 90% of employees are working from home it become apparent VPNs are don’t especially scale well. More troubling still, end users often find them cumbersome to employ. It’s not uncommon for end users to disable their VPNs as part of an attempt to allocate more of their limited network bandwidth resources to video conferencing applications that tend to be latency sensitive.
As a result, the rate at which organizations are moving to replace VPNs with software-defined wide area networks (SD-WANs) will only accelerate in the weeks ahead. SD-WANs are not only easier for IT teams to remotely control and manage, the entire experience is largely transparent to the end user.
Hopefully, a vaccine for COVID-19 will be available soon. Regardless, many organizations have come to realize that either they don’t need as many people in an office or that they don’t require everyone to come to the same central location. Many companies are looking to organize teams of employees around smaller offices whenever feasible to reduce risks. An office with a handful of people that are exposed to the virus is not nearly as potentially disruptive as an entire headquarters being forced to shut down. Many organizations have also concluded there might very well be another pandemic. It’s simply more prudent to reduce risks by distributing more of their workforce across multiple locations.
Naturally, both networks connected to remote and home offices need to be secured. The difference from a home and remote office from an IT perspective is already starting to blur as IT teams finds themselves shipping all manner of IT gear to home addresses.
IT teams will need to decide what mix of networking and security technologies make the most sense to secure all those offices. However, trying to scale a legacy approach to network security designed for the occasional remote user across an entire organization that will likely from now on be working in some form of a remote office is just a bad idea for all concerned.
Mike Vizard has covered IT for more than 25 years and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb, and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.