As the threat landscape evolves and cyber attacks become increasingly more sophisticated, many organisations have surprisingly not implemented security solutions that ensure best-in-class connectivity and security for remote employees.
This is according to a Check Point Software Technologies' new assessment carried out amongst 1,200 IT security professionals globally, which examines how the shift to remote work changed organisations' security practices around users, devices and access.
The COVID-19 pandemic has forever changed the way in which we work, with most companies having transitioned their entire workforce from on-premise to remote working.
While a majority of organisations have fully adopted remote work as a way of life, security wise there are still many gaps that need to be bridged, the researchers state.
Organisations are challenged with finding a balance between remote users' productivity and ensuring device, access and corporate assets security.
According to Check Point Software's best practices, there are five critical security solutions needed to protect remote users against internet based attacks, which include URL filtering, URL reputation, content disarm - reconstruction (CDR), zero phishing, and credentials protection.
However, only 9% of organisations surveyed use all five protections and 11% do not utilise any of the listed methods to secure remote access to corporate applications.
The assessment also highlighted the following key findings.
The remote-access security gap: 70% of organisations allow access to corporate applications from personal devices, such as unmanaged devices or bring your own device (BYOD). Only 5% of respondents reported they use all of the recommended remote access security methods.
The need for internet access security: 20% of respondents reported that they do not use any of the five methods mentioned to protect remote users while browsing the internet, and only 9% use all five methods to protect against internet-based attacks.
A lack of protection against ransomware: 26% of respondents do not have an endpoint solution that can automatically detect and stop ransomware attacks. 31% do not use any of the mentioned methods to prevent sensitive business data from leaking outside the organisation.
Email and mobile security: Only 12% of organisations that allow corporate access from mobile devices use a mobile threat defence solution. This highlights how exposed organisations are too fast moving, 5th generation cyber attacks that target remote workers.
Check Point Software Technologies vice president of product management Itai Greenberg says, “While many companies have embraced the new hybrid and remote work models, they have not adopted all of the critical solutions needed to secure their remote workforce.
"This survey confirmed that organisations have a gap when it comes to users, devices, and access security. To bridge this gap, organisations should progress to a Secure Access Service Edge (SASE) architecture.
"SASE security models provide quick and simple access to corporate applications, for any user and from any device, and protect remote employees from all internet-based threats.