daniilvolkov - stock.adobe.com

Gartner: Securing remote workforce a top priority

In a COVID-19 pandemic world with new security threats and risks emerging, Gartner analysts discussed the urgency of securing access and devices for remote employees.

After Gartner re-examined its 2020 forecast in the wake of the global COVID-19 pandemic, analysts now recommend securing the remote workforce as a top priority for enterprises.

Several sessions at Gartner's 2020 Security and Risk Management Summit this week featured pandemic-related topics, including Monday's presentation, titled "Top Projects for 2020-2021," with Gartner senior director and analyst Brian Reed, which outlined how organizations can build projects to secure remote workers. Other sessions included "The Future of Endpoint Management and Security in a Post-COVID-19 World" with Gartner research director Rob Smith.

On Tuesday, Gartner research vice president Roberta Witty discussed adaptability in a session titled "COVID-19 as a Resilience Game Changer: How the World Will Never Be the Same." During Witty's session, she said "according to The World Economic Forums April report, the impacts of COVID have changed the global risk outlook."

Analysts agree that with COVID-19 came a spike in cyberthreat activity. While there are several focus points such as patch management, password security, detection and response platforms and cloud security, remote access for employees is the area that needs to be addressed first.

Before selecting this year's top security projects, Gartner first looked at its own forecast data, Reed said. "I know that a lot of our data has changed considerably due to the global pandemic taking hold in the first quarter of 2020. Securing your remote workforce has now become the single most existential imperative for all organizations in the wake of COVID-19."

Reed said the project must focus on business requirements and understanding the users and groups as they access applications and data.

"Many of us went through and turned on remote capabilities for many workers back in February and March and April, but what we really need to do is go back and do a proper requirements gathering and needs assessment," he said. "Have we opened up too much access, not enough access? Are we impeding the ability of people to do work? Are people looking at alternative ways to get around security to get their jobs done?"

Gartner remote workforce
Gartner analyst Brian Reed discusses the steps enterprises need to take to secure remote workers amid the COVID-19 pandemic.

According to Gartner's board of directors 2021 survey, Witty said that 66% of organizations felt they were reasonably prepared, at least technology-wise, before the pandemic.

"The transition to remote work went fairly well for most organizations. They realized who was essential during the early days of the lockdown, i.e., the shipping department," she said. "Other areas -- workforce, workforce facilities, the supply chain -- were not as well prepared."

Since the pandemic started, Witty said Gartner is seeing organizations embrace more technology. "The rapid move to remote work and the use of collaboration tools, all the enhanced security that goes along with it," she said.

In addition to an increase in remote work, 69% of respondents indicated they will also accelerate their digital business initiatives in the wake of COVID-19.

Security risks for remote workers have also prompted changes to device management security. Smith said prior to the pandemic, security hadn't evolved much.

"We were doing things almost the same way for years and now with everyone working from home reality is a little different. Maybe in a typical enterprise you had 5,000 people working across five or six offices," he said. "Now, the reality is you have 5,000 offices. However many employees you have, that's how many offices you have. The traditional rules around endpoint security and endpoint management just simply aren't going to work."

Pre-pandemic, there were three models of management.

"With January and COVID emerging, a need for a single unified system emerged," Smith said. "A single unified system which is where we're evolving to -- one system to manage everything -- with one console, one interface, one configuration and applying the policy based on user and what's appropriate for the device." 

In his final recommendations, Reed reiterated that if organizations can only do one security project, focusing on securing the remote workforce is a good use of time.

According to Witty, 48% of employees are working remotely now, versus 30% before the pandemic. "And 82% of organizations are planning to allow their employees to continue working from home at some level," she said. "We will see remote work remain."

Dig Deeper on Security operations and management