In a survey conducted by Positive Technologies among IT and IS specialists, more than half of the respondents noted that due to the pandemic, remote access had to be urgently organized from scratch (11%) or urgently scaled, since it was implemented only for some employees (41%).
When switching to remote mode quickly, a number of security risks associated with endpoint vulnerabilities appear. It is desirable, according to Positive Technologies experts, for remote employees to use domain devices that meet all security standards. However, only 20% of respondents adhere to this policy. In every fourth case (24%), their own computers or laptops are used for work, and in 56% ― both home and work computers are used for business purposes.
"The survey showed that the majority of respondents (57%) expect to skip the pandemic with their eyes closed and don’t plan to change the ways of organizing the remote work in the coming months. And only one in ten has plans to introduce two-factor authentication. Others are probably satisfied with everything or they hope that remote work will end soon, and aren’t ready to invest in the organization of secure remote access," - said Natalia Kazankova, product marketing manager, Positive Technologies.
43% of respondents noted that their companies have services on the perimeter. In 34% of cases it is noted that e-mail is on the perimeter, every fifth respondent noted that corporate portals are on the perimeter, and 16% of respondents mentioned internal web applications in this context. To reduce the risk of incidents there is a need to use the web application firewall, monitor the password policy and don’t forget about two-factor authentication.
At the same time, this survey shows that IT companies are the leaders of readiness to switch to remote access: 63% of employees of IT companies note that the remote mode of work was organized before the quarantine. In the telecommunications sector this figure is 54%, in the financial sector - 46%, in industry - 32%, in the fuel and energy sector — 26%, in state structures — 24%. The majority of employees work from domain devices in the IT industry — 26% of respondents. The financial industry is slightly behind — 23%. The lowest rate is in industry (11%).