Expanding the workforce’s IT freedom while simultaneously increasing IT restrictions headlines the contradictory sentiments of IT and Security leaders in report’s key findings
Hysolate, an OS Isolation innovator for security-aware enterprises, announced the release of its latest enterprise security study exploring 200 enterprise IT and security leaders’ views on enterprise priorities for ensuring secure remote access to corporate resources. The study, The Enterprise Security Paradox: Simultaneous Calls for Increased IT Freedom and More Stringent IT Security, reveals how the office-from-anywhere hybrid model of work, emerging as the COVID-19 pandemic recedes, is pushing IT and Security leaders to press for changes to IT security policies to simultaneously increase employee productivity while also enhancing the organization’s ability to ward off ransomware and other external attacks.
Recommended ITech News: Kemp LoadMaster Dominates The ADC Category On Gartner Peer Insights
The study illuminated a fascinating juxtaposition of dueling thoughts:
- Ninety-six percent (96%) of respondents called for an expansion of IT freedom.
- Ninety-one percent (91%) assert that enterprises also need to put more IT restrictions into place.
Stated another way, nearly every individual participant indicated that IT security policies need to be both more liberal and more constraining at the same time. While this appears to be a call to shift security approaches in opposite directions simultaneously, below the surface, the data paints a more nuanced picture:
- Very few of the 200 respondents characterized their companies’ employees as being happy with current IT security policies: Only seven percent (7%) think that their employees are satisfied with their corporate IT restrictions, and the vast majority (93%) think that employees are actively working around IT restrictions.
- The rise of the gig economy and increased reliance on contractors have elevated concerns about corporate access for non-employees: Eighty-seven percent (87%) of respondents overall (and as much as 100% in financial services) identified contractors as the single greatest threat vector when it comes to granting remote access to corporate resources.
- The near-total-remote-work model pressed into service during the height of the pandemic blurred the lines between work time and personal time. The effect is enduring, even as businesses are forming their return-to-office strategies: Eighty-seven percent (87%) of respondents said that if employees could perform personal activities on their work devices, doing so would increase productivity. Further, 79% said such IT freedom would reduce employee frustration.
Recommended ITech News: C3M Risk Scoring Solves Enterprise Struggle of Alert Fatigue
“At first glance we were really surprised to see that any given respondent was calling both for more IT freedom for workers and also for more restrictive IT security,” said Hysolate CEO Marc Gaffan. “But as we dug deeper into the data it became clear that these leaders recognize that employee satisfaction is of utmost importance — employee retention largely depends on it — and that IT plays a critical role in enabling productivity and keeping workers happy. And they also understand how crucial IT security is in preventing remote access by external parties, like contractors and others, from becoming a rogue way into the Enterprise and also tunnel for data exfiltration. Today’s enterprises need to keep both at the top of the priority list.”
The findings of The Enterprise Security Paradox study demonstrate a significant shift in thinking from just one year ago when Hysolate, in conjunction with Team8, published their 2020 study, The CISO’s Dilemma: How Chief Information Security Officers Are Balancing Enterprise Endpoint Security and Worker Productivity in Response to COVID-19. In it, respondents were also grappling with the questions of worker productivity and corporate security, but these were seen as competing priorities battling for prominence in a zero-sum game. Whereas the 2020 study indicated that respondents were split on which way enterprises should shift their security stances, this year’s study demonstrates that security and IT leaders understand that IT security is not monolithic and that policies can be finely tuned to meet the particular needs of different constituencies.
Recommended ITech News: Cockroach Labs Releases CockroachDB On Kubernetes To Simplify Cloud-native Database Deployments