Balancing worker productivity and corporate security in remote- and hybrid-working arrangements can be challenging.

What can the results of an online five-minute security assessment of 1,200 global IT security professionals tell us about how the shift to remote-working has affected organizations’ security practices around users, devices, and access?

Based on the results of such an ‘assessment’, Check Point has concluded that the shift has left many cybersecurity gaps that need to be bridged while organizations try to find a balance between maximizing remote-workers’ productivity and ensuring device-, access- and corporate asset- security.

According to the firm, answers were evaluated based on its own “best practices” of implementing five critical security solutions needed to protect remote users against internet based attacks: URL filtering; URL reputation; content disarm & reconstruction (CDR); zero phishing; and credentials protection.

Key findings

Only 9% of organizations surveyed used all five protections and 11% did not utilize any of the listed methods to secure remote access to corporate applications. Also:

  • 70% of respondents allowed access to corporate applications from personal devices (unmanaged devices or via bring your own device arrangements).
  • 20% of respondents reported that they did not use any of the five methods mentioned to protect remote users’ internet browsing the internet; 9% used all five methods to protect against internet-based attacks.  
  • 26% of respondents did not have an endpoint solution that can automatically detect and stop ransomware attacks. Also, 31% did not use any of the mentioned methods to prevent sensitive business data from leaking outside the organization.
  • 12% of organizations that allowed corporate access from mobile devices used a mobile threat defence solution. This highlights how exposed organizations are too fast moving, 5th generation cyber-attacks that target remote workers.

The firm’s user base had registered 50% more attacks per week on corporate networks for 2021 in general. According to its Vice President of Product Management, Itai Greenberg: “While many companies have embraced the new hybrid and remote work models, they have not adopted all of the critical solutions needed to secure their remote workforce… Organizations should progress to a Secure Access Service Edge architecture (for) quick and simple access to corporate applications, for any user and from any device, and protect remote employees from all internet-based threats.”