Based on that idea, we formed the Digital Workspace Ecosystem Alliance (DWEA), and decided to specifically focus on educational content that would help everyone understand the digital workspace technology stack, learn from what their peers are doing, and learn how to evaluate which components of the digital workspace stack actually make sense for their organization’s specific needs. First we released the “Evaluating the Digital Workspace” white paper (which you can download here), and since then we’ve gone on to create all kinds of content including our first annual Digital Workspace Summit (you can access all sessions from the Summit on-demand here). 

Today we are excited to announce the results of the DWEA’s first annual survey in the form of our “State of the Digital Workspace 2023” report (download the full report for free here). The purpose of this survey was to identify how many organizations have a digital workspace strategy in place today, where they stand in executing those strategies, and the pain points/roadblocks they’ve experienced along the way. We also set out to determine if IT pros believe their strategies are paying off, or if they plan to course-correct in the future. The result is a roadmap for IT decision makers providing better insight into what’s working for their peers so they can make more informed decisions as they hone their own digital workspace strategies.

The Report Methodology, Size, and Geographic Breakdown

Back in September 2022, the DWEA introduced its first annual survey to gauge the current state of digital workspace adoption, benefits and challenges. The survey was completed by 2,660 digital workspace professionals globally, making it one of the largest digital workspace technology-focused surveys to date.

Rather than focusing on the location of the individual survey respondents (or the organizations they work for), this survey identified the geographic breakdown of the end-users that each survey respondent manages. This was done so that we could provide a better view of the modern remote & hybrid workforce. That geographic breakdown is as follows:

• 69% of respondents manage end-users in the Americas
• 30.5% of respondents manage end-users in EMEA
• 29.4% of respondents manage end-users in APAC

To read through the DWEA’s announcement/blog post about the report, which provides a broader overview of all of the findings, check out the post here. In this blog post, I plan to specifically hone in on some of the key issues relevant to anyone who is evaluating virtualization solutions – either for the first time, or (like many in the survey) to replace the legacy technologies they have in place to enable a more productive and secure digital workspace while dramatically reducing cost. 

The State of Remote & Hybrid, and the Murky Path Back to the Office

The results of the DWEA survey speak loud and clear: Supporting a hybrid and remote workforce continues to be a priority for a majority of organizations. More than 58% of DWEA survey respondents confirmed that they will offer their people the option to work either remotely or hybrid on a permanent basis. On the flip side of this is the nearly 42% of survey respondents who said that they expected all of their users to be back in the office full-time “at some point.” 

Although roughly 6 out of every 10 organizations are banking on remote/hybrid work for the long term, there’s an undeniable division of thinking when it comes to whether workforces will eventually make a wholesale return to the office. Those that have committed to hybrid and remote work will benefit from being able to build a digital workspace strategy accordingly. And they will almost certainly benefit from those actions being more in line with employees’ broad expectations of a remote work option.

For organizations that expect their people to be back in the office full-time at some point in the future, the roadmap to get there is murky. As a result, it will be vital for them to establish a sustainable and flexible digital workspace strategy that can support hybrid work right now and adapt over time. With the lesson of the pandemic still fresh in everyone’s mind, whatever strategy they adopt will have to allow them to respond to rapid and unforeseen shifts in workplace environments.

Legacy Technologies Are Holding Us Back

Another key finding of this survey is that legacy technology is a lingering hurdle that is preventing organizations’ full transition to a secure, productive digital workspace. This is worth exploring in its own right, given that VDI and legacy apps crop up as a sticking point throughout the DWEA survey.

When asked about the virtualization technologies they were utilizing to deliver cloud desktops to their users, more than half (51%) of the respondents stated that they were using VDI. However, close to half (48.2%) of the respondents also said that the “performance of the solution” was the chief problem with their virtual desktop environment. Another 41.7% cited cost as a major concern. These figures are a clear indication that legacy virtualization technology like VDI may still be relatively commonplace, but in many cases it is having a negative impact on productivity and budget.

In addition, 36.9% of respondents said that keeping applications up to date was a critical concern in their hybrid desktop environment. Another 21.4% cited the management of legacy applications as a key challenge. Since legacy apps are still critical to many organizations’ overall operations, this points to a need to offer legacy applications to users in a way that actually streamlines that overall management and distribution.

This combination of issues caused by legacy VDI technology and the need to give users access to all of their legacy applications might explain why we’ve seen such a spike in the adoption of Virtual App Delivery (VAD) technology. The DWEA survey revealed that 47.4% of respondents are utilizing VAD to deliver cloud desktops today. That number is up from the 32.4% who said they were using VAD in the 2021 “VDI Like a Pro” survey.

What’s more, the DWEA results confirm trends that were identified in that prior report. Of the respondents to the “VDI Like a Pro” survey, 17% of those who were using VDI at the time indicated that they would be making the shift from VDI to VAD within the next two years. With DWEA respondents reporting more than 47% VAD adoption just one year after the “VDI Like a Pro” survey, this predicted migration is already ahead of schedule.

So What’s Next?

Organizations seem to be taking a hard look at the legacy technology they have in place and asking themselves if it’s truly working for them. While there are still legacy apps that are vital to their workflow, other legacy software, like VDI, is not meeting expectations and needs to be supplanted. The question is, how can they streamline the management and delivery of legacy solutions they want to keep while seamlessly replacing the legacy solutions they want to eliminate?

Based on the DWEA survey results, organizations are increasingly finding the answer in Virtual App Delivery. The respondent breakdown (51% using VDI, 47% using VAD) shows that adoption of the two virtualization technologies is already close to parity, even though VDI has a multi-decade head start. When taking the 2021 “VDI Like a Pro” survey results into account, the roughly 15% year-on-year growth in VAD adoption is striking. That rapid uptake suggests that organizations are finding VAD to be more cost-effective, less complex and more capable than traditional virtualization methods.

If your organization is in a similar situation and you are looking for a modern, cloud-native alternative to your legacy VDI or DaaS solution, Cameyo can help. Check out our case studies to learn about other organizations (including Fortune 500 orgs) who have made the switch from VDI/DaaS to Cameyo’s VAD technology. Or if you’d like to see Cameyo in action and learn how it could simplify your virtualization environment while improving your user experience and reducing cost by up to 70% compared to VDI, go ahead and schedule a demo here. 

And don’t forget to get your free “State of the Digital Workspace 2023” report, which you can download directly from the Digital Workspace Ecosystem Alliance (DWEA) here. 

The post Introducing the State of the Digital Workspace 2023 Report appeared first on Cameyo.

In the past year, the DWEA has released our initial white paper – “Evaluating the Digital Workspace Ecosystem” (download available here) – which provides an actionable guide for reviewing and evaluating which digital workspace technologies make sense for your organization. And earlier this year we pulled together an all-star list of end-users to share their real-life stories of how they developed and executed their digital workspace strategies. All of those sessions from our inaugural Digital Workspace Summit are available on-demand here.

As you can see, the DWEA aims to keep it’s content focused on providing resources that can actually help you develop a digital workspace strategy that fits the specific needs of your organization. But a key part of providing the most useful tools to help people hone their strategies is identifying where organizations are in their digital workspace journeys today. Which is why we’re excited to launch our first bi-annual “State of the Digital Workspace” survey – which we’d like to invite you to complete before Wednesday, July 27th.

The survey takes roughly 7 minutes to complete, and as a thank you for participating and adding your voice to the survey, we will send you a free copy of the final report once it is completed in August. Also, you’ll be entered into a drawing to win one of five $100 (or local currency equivalent) gift cards. And if you are not able to accept a gift card, the DWEA will make a $100 donation to the non-profit of your choice instead. 

You may be wondering whether or not this is worth your time, and if you’ll gain any real insights from the data that we’ll be providing in our final report. As of 7/19, over 2,000 IT professionals have completed the survey, making this one of the digital workspace industry’s largest surveys to date (and we expect to hit over 3,000 responses by the time we close the survey next week). This is going to be an incredibly valuable dataset that will give you a solid picture of where your peers and other organizations are at in their digital workspace journey today. 

We look forward to sharing the results of this survey with you all in August – and to be the first to receive the results, please go and complete the survey here today! 

The post Introducing the “State of the Digital Workspace 2022” Survey appeared first on Cameyo.

Ransomware is a sinister threat to your data and business-critical systems, and one that has been increasingly targeting remote & hybrid workers since the beginning of the pandemic.  The threat landscape is growing and as we’ve seen with major attacks across multiple industries and sectors recently – from the Colonial Pipeline, to JBS Meatpacking, to Kaseya – no business is immune to a ransomware attack. 

Remote access systems and protocols have long been a favorite target of cybercriminals using ransomware.  And as most organizations have heavily pivoted to remote access solutions since the onset of the pandemic, the attack surface of the newly evolving digital workspace is growing larger.  

In this post we’ll discuss the threats that exist within the digital workspace and how organizations can protect themselves.

Ransomware attacks are increasing

Already this year, large-scale ransomware attacks have made major news headlines.  On May 7th, 2021, Colonial Pipeline was targeted with a ransomware attack from a criminal hacker group known as “Dark Side.” The attack took down critical systems and infrastructure.  The fallout from the ransomware attack resulted in the shutdown of 5500 miles of pipeline, effectively eliminating half of the fuel to the United States East Coast.  The shutdown led to panic buying and fuel shortages for days.  

Cyberattacks are increasingly featuring ransomware.  The Group-IB LLC, a cybersecurity provider, noted the number of ransomware attacks was up by 150% in 2020.  This increase also includes a 200% increase in the extortion amount.  According to Cybersecurity Ventures, ransomware will attack a business every 11 seconds by the end of 2021. In addition, the costs of ransomware attacks are projected to be $20 billion.  These figures represent a 57X increase since 2015.  It shows just how effective and successful ransomware attacks have become.

More figures showing the escalating nature of ransomware:

• In 2020, ransomware attacks surged 800%
• In 2020, 73% of all Ransomware attacks were successful with no effective defense.

Remote connectivity to the digital workspace – a gateway for ransomware

Experts agree that remote connectivity to corporate resources, born from the unique productivity needs of the pandemic, has created the perfect storm for ransomware.  John Hammond, a cybersecurity researcher at the security firm Huntress, put it this way:

“When you are working from home, you are not behind the castle walls anymore.  You are working with your own devices, away from the safe perimeter of corporate networks.”

IT and network teams have been forced to open network connectivity in ways that may not have previously been allowed before shifting to the distributed workforce.  This shift facilitates the growing demand for remote workers and flexibility of communicating with corporate networks to access internal resources.  In addition, many more users may now have access to VPN clients, RDP connections, and other remote connectivity. 

Key statistics to note:

• 1 in 4 Americans will be working remotely in 2021
• 36.2 million Americans will be working remotely by 2025
• These statistics represent an 87% increase from pre-pandemic levels

Each new network “exception” that may be allowed to remote workers opens a hole in the organization’s armor. It can make it much easier for hackers to enter the internal network and compromise business-critical data.  In addition to the sheer number of network allowances made this past year, the types of remote technologies used to access the digital workspace are often legacy and antiquated. This leads to additional cybersecurity risks. 

Traditional remote access technology security risks

What are considered legacy remote access technologies at this point?  For decades, organizations have historically used technologies such as Remote Desktop Protocol (RDP) and Virtual Private Network (VPN) to connect to internal corporate resources.  While these have worked well in the past, they were never designed to scale to a situation where most people work remotely, and they introduce significant security challenges.

Remote Desktop Protocol (RDP) has been notorious for security-related vulnerabilities that have led to widespread ransomware infections.  A recent analysis of popular Remote Desktop clients was found vulnerable with over 25 vulnerabilities to note amongst with the three clients analyzed.  A total of 16 of these were classified as major vulnerabilities.

Time and again, Microsoft has announced vulnerabilities found in RDP, leading to a scramble to patch affected Windows Servers and desktop operating systems.  In May 2020, Microsoft announced another vulnerability, CVE-2019-0708, dubbed BlueKeep.  Hackers can also use the leaked NSA tool called EternalBlue, which uses the BlueKeep exploit to unleash a wormable virus that would look like the NotPetya attack on a global scale.

Aside from the security vulnerabilities and zero-day exploits found in RDP, it is highly vulnerable to brute force attacks when placed on the public Internet.  Hackers, bots, zombie machines, and other malicious traffic on the Internet will readily attempt to brute force user accounts to find accounts allowing access on an exposed RDP endpoint.  A compromised user account and an exposed RDP server can lead to an attacker coming right in the “front door” of your digital workspace, potentially with high-level account access to connect to sensitive resources.

Microsoft never intended RDP to be placed in the perimeter with the RDP endpoint exposed.  However, this is the easiest way for businesses to stand up remote connectivity for end-users, especially in a time crunch as seen in the beginning stages of the pandemic.  To engineer the RDP environment properly, organizations should use the Remote Desktop Gateway server, which tunnels RDP traffic over HTTPS connections instead.  Insecure RDP connections can lead to increased vulnerability to ransomware attacks.

The traditional Virtual Private Network (VPN) connection can also increase risks for a ransomware attack.  Like RDP, VPN connections can be misconfigured, use weak passwords, and lack two-factor authentication, which can easily lead to compromised credentials allowing an attacker to make unauthorized connections to internal resources.

VPN connections also allow a potentially insecure end-user machine to become part of the corporate network, exposing all other corporate network resources to any malicious software that may have infected the end-user client. Thus, VPN connections are logically like taking a long patch cable and extending the patch cable to the end-user client.  

The patch cable makes the client part of the corporate network.  There are ways to restrict VPN connectivity to limit the scope of which resources a client can connect, but this configuration again is another possible area where misconfiguration can happen or get neglected.  VPN credentials are also a weak link in the overall security of remote access technology.  

Suppose a user account password that is granted VPN access to the corporate network is compromised. In that case, an attacker essentially “becomes” that user and can connect to the VPN tunnel.  As a case in point to the danger of compromised credentials with remote access technologies, the Colonial Pipeline hack has since been attributed to a leaked VPN account password.    

According to Charles Carmakal, senior vice president at the cybersecurity firm Mandiant:

“Hackers gained entry into the networks of Colonial Pipeline Co. on April 29 through a virtual private network account, which allowed employees to remotely access the company’s computer network….”

The account, used by a former employee, was part of a list of breached passwords found on the dark web.  The VPN account also did not use multifactor authentication, making it even more vulnerable.  It shows just how fragile and insecure remote access solutions can be if these are not appropriately secured.

Protecting your digital workspace from ransomware

With the significant ransomware threats to your business and the demand for hybrid connectivity at an all-time high, how can you protect your digital workspace? Let’s focus on the following five areas:

• Evaluate your current remote access technology
• Implement two-factor authentication
• Leverage virtual app delivery
• Implement breached password protection
• Adopt a zero-trust environment

Evaluate your current remote access technology and access

As mentioned earlier, some organizations may be relying on remote access solutions that have been around for a decade or longer. Therefore, it would be wise to evaluate your current remote access technologies and how end-users are accessing digital workspace resources today.  Are there multiple technologies that allow users to gain access to the internal corporate network?  Is remote access for end-users overprovisioned?  Do users have access to full desktop environments when they only need access to a few applications?

You should audit which users have access to current remote access solutions and evaluate if access needs to be removed for any users who no longer need it.  In the Colonial Pipeline ransomware attack, a former employee’s account was still active with a breached password.  This stale account was used for unauthorized login via VPN.  With proper auditing, stale accounts should be removed regularly to reduce the attack surface.

If your business uses legacy or improperly configured remote access solutions such as an RDP server exposed to the perimeter or unrestricted VPN connectivity, now is the time to reevaluate remote access strategies and technologies for end-users to access digital workspace platforms.

Implement two-factor authentication

Cybercriminals are feverishly attempting to compromise credentials in your organization, as can be seen with the number of phishing attacks targeting most businesses.  Valid credentials, if these can be compromised, provide an easy way into your network.  Again, using the Colonial Pipeline ransomware attack example, all it took was a set of compromised VPN credentials to take down a massive pipeline operation shutting down 5500 miles of infrastructure.

The user account was not secured using multifactor authentication (MFA).  With multifactor authentication, even if attackers gain access to a valid user account and password, they still do not have all the information needed to authenticate.  While not the “end all, be all” of user credential security, it significantly bolsters any organization’s cybersecurity to implement MFA across the board, both for on-premises and cloud resources.  

Leverage virtual app delivery

As businesses evaluate current remote access technologies and access, it can become apparent that some users with access to full virtual desktops may only need access to applications instead.  Often, only power users need full virtual desktop sessions made available remotely.  Using virtual application delivery instead of full desktop sessions drastically reduces the attack surface.  Additionally, businesses may no longer need to allow VPN connections to the internal network with virtual application delivery. The application is made available to a user instead of opening the entire network to run a few applications. Thus, it serves as a much more efficient and secure approach.

Pivoting from full desktops to virtual application delivery can also have a cascade effect on security.  Many businesses find they need fewer resources and infrastructure when delivering applications instead of full desktops. As a result, the attack surface is significantly reduced when an organization has fewer resources to maintain, patch, and secure.

Implement breached password protection

As is highlighted in the Colonial Pipeline attack, breached passwords can come back to haunt an organization, especially if credentials make it to the dark web and into the hands of cybercriminals. Unfortunately, most identity and access management solutions in the enterprise today (Microsoft Active Directory as an example) do not provide native breached password protection.  

For the most part, outside of open source solutions, businesses must look to third-party solutions to introduce these capabilities into the environment.  These third-party solutions generally implement large breached password databases and scan your environment to ensure users are not using breached passwords.  Breached password protection can significantly increase account and password security when used in tandem with multifactor authentication.

Adopt a zero-trust environment

In the traditional networking model, internal networks were considered secure and “trusted.”  However, with the ransomware threats posed to businesses today, this model is no longer a safe way to operate your network.  Instead, hackers hope that companies operate with the mindset of having a “trusted” LAN.  Unfortunately, cybercriminals have been all too successful in using phishing, malicious websites, and malicious emails to infiltrate the internal network.  Once there, they have free reign over the “trusted” network as there are generally little to no security boundaries in place.  

Modern and secure network topologies view everything as untrusted and potentially malicious, including the internal network.  Additionally, even with services placed in the DMZ or edge network, look for solutions that segment and separate devices from the network to prevent access to your data, prevent lateral movement, and wipe user data after every session. Finally, a zero-trust model, based on identity, prevents the age-old problem of having RDP servers continually open from the Internet and subject to nonstop brute force attacks and password spraying.  

Wrapping Up

Ransomware represents arguably the greatest threat to your business-critical data of any modern cybersecurity threat. And with the accelerated evolution and migration to remote and hybrid work technologies brought about by the pandemic in 2020, remote connectivity and access to digital resources are critically important.

With this tremendous shift to “open” connectivity and access from anywhere and any device, cybersecurity in the digital workspace must be a focal point now more than ever.  But, unfortunately, hackers are using the new doorways into environments to launch massive and relentless ransomware attacks worldwide.  Choosing intelligent, effective, and secure remote access technologies and evaluating the tools and security measures in place will allow businesses to embrace the digital workspace with confidence.      

The post Protecting Against Ransomware in the Digital Workspace appeared first on Cameyo.

Endpoint security is of paramount importance for any organization and critical to IT success. Without proper anti-virus software, email filtering, and web filtering for endpoints, your organization will be left vulnerable to a number of attacks, such as viruses, ransomware, malware, and phishing. In the previous 12 months, 68% of organizations experienced one or more successful endpoint attacks, according to a 2020 study conducted by Ponemon Institute.

Remote work has been mostly a success for many businesses across the world while dealing with the pandemic. As restrictions ease and staff begin returning to the office in person, it’s important to note that the future of work will most likely be a hybrid environment for most companies. In fact, a recent survey from Harvard Business School showed that 81% of workers either don’t want to report back to the office or would prefer to work hybrid. With more workers wanting the flexibility that hybrid work environments offer, businesses must begin analyzing the security of their network. 

Print and Scanning Security

Most businesses already implement the cybersecurity measures mentioned above. More staff working off-site means that there will be an increase in the number of endpoints accessing your network. Your business most likely already protects staff’s laptops and tablets, but their other devices need to be secured as well.

The printers and scanners your staff use at home can be just as vulnerable as their computers. IT teams can bolster the security of these devices by using the tips below:

1. Control access to printers and scanners. Not every employee needs access to every device. IT teams and system administrators should control access to devices for end users

1. Ensure your IT team has proper access for the correct role. Sensitive or confidential information must be delivered and printed on the correct device.

1. Control redirection policies so not just anyone can redirect. With so many employees working from home, businesses may not want those employees printing and scanning on non secure devices.

1. Secure the print data flow. Printers and scanners often house sensitive data before and after jobs, so it’s important to be sure they’re secured.

With so many devices and endpoints that need to remain secure, it’s easy for printers and scanners to be lost in the shuffle. But every endpoint is a vulnerability, and that’s why organizations must find the right solution to protect their printers and scanners as much as their workstations and laptops.

The post Security Vulnerabilities in Printing & Scanning and How to Fix Them appeared first on Cameyo.