With the prospect of multiple viable COVID-19 vaccines now on the horizon, the fear factor that has disrupted so many lives should soon abate. The trouble is employees working from home are more likely than ever to relax their cybersecurity guard as we enter the next phase of the pandemic.
End users, in many cases, are perfectly happy with that state of affairs. Most end users view security tools as detrimental to their productivity. The first thing that usually gets turned off whenever there is an issue with the quality of a video conferencing call is the virtual private network (VPN).
It’s no wonder cybercriminals are launching more targeted attacks. A recent international survey of end users conducted by SailPoint Technologies Holdings finds nearly half of U.S. respondents said they had experienced targeted phishing emails, calls, or texts in a personal or professional capacity during the first six months of working remotely this year. Over half of EMEA and ANZ respondents (51%) similarly reported experience a phishing attack since the pandemic began, with 10% reporting they were targeted by one or more a week.
Those targeted attacks will only increase as the credentials end users create to work from home become more widely available on the Dark Web. In fact, the SailPoint survey notes 25% of respondents shared work passwords with a third party, including partners, roommates, or friends, mostly because they are using their personal devices to access business applications.
Creating a better remote work experience
What most end users really want from their organizations this holiday season is a better remote computing experience. Even once a vaccine is available and widely distributed, it’s not likely most workers will be going back to the office full time unless it’s an absolute requirement. A survey of 350 CIOs and CTOs conducted by IEEE finds more than half (52%) of respondents believe their biggest challenge in 2021 will be dealing with aspects of COVID-19 recovery, including permanent hybrid remote and office work structure (22%), reopening offices and facilities (17%), and the management of a now permanent remote workforce (13%). It’s not so much a question of if IT organizations will be revaluating their approach to remote computing as much as it is a matter of when.
There is, of course, no shortage of options to consider, ranging from secure software-defined wide area networks (SD-WANs) to application development tools that embed access management capabilities within the application itself. Regardless of approach, IT teams looking to either achieve or maintain good relations with their end users should be examining all their remote computing options right now. Otherwise, the next time they see their colleagues will likely be during a companywide video conference to quell a level of unrest that continues to build steadily.
Rather than having to quell an internal rebellion, savvy IT leaders should be asking end users for their input as part of a grand bargain. The mere fact that a review of remote computing policies and technologies is being conducted is usually enough to at least make people feel like they are being heard. In return for that review, IT leaders should ask end users to pledge to be more vigilant. The pandemic is far from over, and there are more cybercriminals than ever conspiring to steal data.
The challenge and the opportunity are to find a way to thwart those efforts while simultaneously boosting productivity. The best cybersecurity revenge is, after all, continuing to live well regardless of how many attacks are being launched.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.