According to a study by Fortinet, companies consider hybrid work to be one of the top security risks. Employees don’t always transfer office security policies to their home environment.
Hybrid working is now firmly established in our society, but it poses major challenges in the area of cyber security. That’s the finding of Fortinet’s 2023 Global Work-from-Anywhere Study. This study is a large-scale survey that the security specialist conducted among more than 570 companies with more than a hundred employees.
Where home workers made up only a fraction of the workforce before the corona pandemic, they now make up the majority. 60 percent still support home workers and 55 percent are fully committed to a hybrid work strategy. Only three percent allow their employees to work full-time from home. But this Work from Anywhere (WFA)-Politics goes hand in hand with new challenges in the area of IT and security policy.
The risks of working from home
Most organizations consider the lack of security of remote and home networks to be the top security risk associated with WFA. This is a particular problem because enterprise security cannot be extended to a non-business environment. Other risks include using company laptops for personal use, employees not adhering to security measures when away from the office, and sharing the home network with unknown users.
The figures published by Fortinet in the report show that these risks lead to real problems. Nearly two-thirds of respondents experienced a data breach due to vulnerabilities created by home workers.
NAC inherits it from ZTNA
Employers are looking for ways to gain more control over what their employees do with their work device at home or in other remote workplaces. Almost half (42%) of all respondents use security solutions from different vendors. Especially in network access control (NAC) People see a lot of redemption.
58 percent state that they have implemented a NAC solution. With NAC, organizations can exercise greater control over devices attempting to remotely connect to the corporate network. Only devices that meet certain conditions are allowed to pass.
The superlative of NAC is Zero Trust Network Access (ZTNA), which allows the administrator to select devices to allow in a network environment. With only four percent of organizations implementing it, it’s a much less popular approach, although experts have been calling for zero trust to become the new standard for network security for years.