“You can’t defend what you don’t know you have.” This security maxim remains true as ever, yet the mass shift to remote work over the last 18 months has made following this advice more challenging for organizations. If it wasn’t hard enough to maintain accurate inventories of technologies used in the office, organizations now face the prospect of auditing technologies their employees are using in their homes to support remote work. These technologies can carry unanticipated security risks, but if they are invisible to employers, they cannot be understood, assessed and ultimately managed.
Our latest HP Wolf Security report – Out of Sight & Out of Mind – reveals how the rise of hybrid work is changing user behavior and creating new cybersecurity challenges for IT departments. The research shows that a growing number of users are buying and connecting unsanctioned devices outside of IT’s purview. It also highlights that threat levels are rising, with attackers increasingly successful at bypassing defenses and tricking users into opening phishing links and malicious emails. All of this is making IT support more complex, time-consuming, and costly than ever.
The report examines data from a global YouGov online survey of 8,443 office workers who shifted to remote work during the pandemic, and a global survey of 1,100 IT decision makers conducted by Toluna.
“With increasingly distributed teams, there are fewer informal networks for people to sanity check: ‘Does this look a bit strange?’ before they click. Education helps, but it can only get you so far. While we should encourage and make it easy for people to report incidents, we can’t rely on self-reporting alone. Having layered security in place that can provide the right level of visibility is key.” – Joanna Burkey, CISO, HP Inc.
- Pandemic-driven shadow IT is on the rise: The report found that workers are buying and connecting devices without being audited by IT. 45% of office workers surveyed purchased IT equipment (such as printers and PCs) to support home working in the past year. However, 68% said security wasn’t a major consideration in their purchasing decision, while 43% didn’t have their new laptop or PC checked or installed by IT, and 50% said the same of their new printer.
- More employees are falling for phishing and other social engineering techniques: 74% of surveyed IT teams saw a rise in employees opening phishing links in the last year. 40% of office workers surveyed aged 18-to-24 reported clicking on a malicious email with almost half (49%) said they have done so more often since working from home. Of office workers that clicked or nearly clicked a link, 70% didn’t report it to IT – 24% didn’t think it was important, 20% cited the “hassle factor”, while 12% had a fear of reprisal or being punished by their employer.
- IT teams are having to rebuild more systems in the pandemic: 79% of the IT teams we surveyed reported that they are rebuilding more systems now than before the pandemic. One of most common reasons for reimaging a system is when it has been compromised by malware, so the increase in the overall rebuild rate suggests that attackers have been successful at breaching endpoint defenses in a remote working setting. The real figure could be higher still: 80% of IT teams worry that employee devices might be compromised and they don’t know about it.
- Remote work has made IT support more time-consuming: 65% of surveyed IT teams said that patching endpoint devices is more time-consuming and difficult because of the mass shift to home working, while 64% said the same of provisioning and onboarding new starters with secure devices. 77% of teams said the time it takes to triage a threat has increased in the past year, while an estimated 62% of alerts relating to endpoints are false positives, leading to wasted time.
- Remote work has increased the costs of IT security: The surveyed IT teams estimated the cost of IT support relating to security rose by 52% in the last year.
- IT teams feel over-stretched by the challenges created by remote work: 83% of surveyed IT teams said the pandemic has put even more strain on IT support because of home worker security problems, while 77% of IT teams say homeworking is making their job much harder and that they fear teams will burn-out and consider quitting.
Securing the Future of Work Systematically
The risks created by hybrid work require a systematic approach to mitigate them. One of the weaknesses of traditional security approaches highlighted by this research is how it’s too easy for users to become single points of failure. The root of the issue is that risky tasks handled by applications, such as an email client opening a message or a web browser opening a link, are by default given access to parts of the operating system (OS) beyond what is necessary. This lack of boundaries means that attackers can exploit applications and potentially gain complete control over an endpoint.
One way to address this weakness is to introduce a granular Zero Trust model to the endpoint, such as that used by HP Sure Click. Its application isolation technology limits the impact of exploits by isolating risky activities inside hardware-enforced micro-Virtual Machines, only granting applications the minimum data and access to function, while supporting user workflows. This means that if an application is exploited, any malicious code is isolated from the host system, rendering it harmless.
“The leading technology of the future will be secure-by-design and intelligent enough to not simply detect threats, but to contain and mitigate their impact, and to recover quickly in the event of a breach – which could happen at any time, to any one of us. This protection should extend below and above the Operating System and deliver protection to both known and unknown threats – even zero days. By building securing in from the hardware up, we can alleviate pressure on support teams while also ensuring users are free to do their job uninhibited.” – Ian Pratt, Global Head of Security for Personal Systems, HP Inc.
The second challenge faced by organizations is poor network visibility and an inability to remediate quickly and at scale. To address this, organizations need endpoint security that equips IT and security teams with better visibility and management tools. Organizations should also examine the security of their endpoints below the OS, because determined attackers are increasingly targeting device firmware. Therefore consider features built into endpoints at the hardware level, for example, devices with remote recovery capabilities and self-healing firmware.
About the Research
The report is based on:
- A Toluna survey of 1,100 IT decision makers in the UK, the US, Canada, Mexico, Germany, Australia, and Japan. Fieldwork was undertaken between 19th March – 6th April 2021. The survey was carried out online.
- A YouGov survey of 8,443 adults in the US, the UK, Mexico, Germany, Australia, Canada, and Japan who used to be office workers, and worked from home the same amount or more than before the pandemic. Fieldwork was undertaken between 17th – 25th March 2021. The survey was carried out online.
Download the Out of Sight & Out of Mind Report
Download the report: HP Wolf Security Out of Sight & Out of Mind