A survey of 545 IT decision-makers from organizations in the U.S. and United Kingdom (UK) found three-quarters of respondents (75%) are reevaluating their remote access strategy in the wake of new ways of working and the growth in cloud application use. The survey polled organizations with 1,000 or more employees and was conducted by Menlo Security, a provider of a cloud platform that provides secure access to applications.
Three-quarters (75%) of organizations continue to rely on virtual private networks (VPNs) to securely provide remote access to applications, with 83% reporting they are confident in their current approach to providing remote access.
However, as it becomes apparent that remote workers are part of the so-called ‘new normal,’ many organizations are at least considering other options, given how difficult VPNs can be to manage at scale and some of the inherent vulnerabilities in the protocols that many VPNs employ.
Mark Guntrip, senior director for cybersecurity strategy at Menlo Security, said in the wake of the COVID-19 pandemic most organizations provided employees with remote access capabilities for what was assumed to be a finite time period. Now that more organizations are providing a greater percentage of workers with remote access as part of the new normal, Guntrip said, more organizations are considering their options.
The Menlo Security platform provides a secure web gateway (SWG) that only renders content on a remote cloud service that is accessed via a browser running on an endpoint. That clientless approach eliminates the possibility malware might be downloaded onto an endpoint, noted Guntrip.
The survey finds more than a third (36%) of organizations are pursuing some form of a zero-trust approach to providing remote access. A total of 40% of respondents said they believe that a zero-trust approach to IT would also reduce the pressure on the IT team. Only 20% allow unmanaged devices to connect to corporate applications and resources.
While some employees are anxious to return to the office, there are just as many that prefer to work remotely. In many cases, organizations are finding they can recruit talent more effectively. Overall, 42% of respondents to the Menlo Security survey said they expect the need to support remote workers will continue to persist for another year, the survey found.
At the same time, however, just over half (53%) of survey respondents noted they plan to reduce or limit third-party/contractor access to systems and resources over the next 12 to 18 months.
There are, of course, a lot of options when it comes to providing remote access. Each organization will need to evaluate a range of platforms before deciding what mix of technologies provides the level of security required at a cost they can afford. In some cases, a VPN may be sufficient, but the more workers there are the more challenging it becomes to manage all the VPNs required. Most enterprise IT organizations are going to have to consider how to provide remote access on-demand at new levels of scale that, prior to the pandemic, few thought would ever be required.