Thanks for joining us for this November 20th edition of This Week in Remote Work. As a reminder (or a head’s up for new readers), this is not intended to be an exhaustive compilation of the week’s pertinent news. Instead, we provide a quick overview and recap of the top five articles, reports, or stats that stood out to us this week.
With that said, feel free to drop additional articles that you found compelling this week in the comments below.
1) How Hackers Compromise Virtual Desktop Infrastructure (Security Boulevard)
If you’ve been constantly consuming new related to remote work (haven’t we all?), you’ve undoubtedly noticed that one of the biggest trends is the increase in security issues driven by this massive shift to working from home. From issues with VPNs to a continued increase in brute force and ransomware attacks – remote work has shone a spotlight on how critical the issue of secure remote work is for organizations of all size. This article stood out to us this week for its singular focus on discussing the security issues with virtual desktop infrastructure (VDI).
People assume that when a desktop session runs in a virtual environment, it’s somehow untouchable. Even if hackers wanted to launch an attack, the thinking goes, it would have no place to originate or propagate. Therefore, hackers wouldn’t even bother targeting virtual machines.
It’s a comforting notion. Unfortunately, it’s entirely incorrect…
…From a hacker’s perspective, virtual desktops are no different than their physical counterparts – any attack that works on one works on the other. That includes a whole arsenal of attacks: infostealers, banking Trojans, keyloggers, screen scraping, password recording, and many more. Virtual desktops may be distinct in terms of mobility and accessibility. In terms of security, however, they’re basically like all desktops: under attack from all sides.
To be clear, this article is not positioning VDI alone as the scapegoat for all remote work security issues. It actually has a much more noble intent, which is to bring awareness to the faulty notion that virtual desktops are inherently secure. It’s not saying that VDI is the only culprit – just that it is still vulnerable, and that IT needs to give virtual desktop security more attention.
Read the full article here.
2) Remote workers are ‘self-sabotaging’ their online security (Sailpoint)
Sticking with the security theme, we came across an interesting survey & report from Sailpoint this week that discusses the changing security landscape during the pandemic, while also looking at the role that remote workers themselves play in the increasing security threats. First, as an overview:
“When the pandemic began, businesses had to flip a switch to enable remote work nearly overnight. In this rush, many companies focused on granting access, skipping over the securing of that access. This resulted in an explosion of unsecured technology access across the business,” said Juliette Rizkallah, CMO, SailPoint.
SailPoint’s survey engaged a representative sample size of consumers 18+ across the United States, the United Kingdom, France, Germany, Australia, and New Zealand, digging into seemingly innocent overlaps that a newly remote employee may experience during life working from home. While the COVID-19 pandemic is the worst health crisis seen in nearly a century, bad actors view it as a way into a company. Nearly half (48%) of total U.S. respondents said they had experienced targeted phishing emails, calls, or texts in a personal or professional capacity during the first six months of remote work. Similarly, over half of EMEA and ANZ respondents (51%) experienced a phishing attack since the pandemic began, with one in ten (10%) reporting they were targeted by one or more a week.
With half of all organizations reporting that they’ve experienced attacks in the first 6 months of the pandemic, it’s safe to assume that attack sophistication and velocity will continue to increase. The report also digs into the role that remote employees play in these increasing attacks:
As the lines between home, work, and school fade, so too have the barriers businesses put in place to keep employee’s personal and professional information secure. The SailPoint survey found 1 in 3 U.S. employees and half of employees in EMEA, Australia, and New Zealand use their own computers and smartphones to work remotely. SailPoint’s findings also show that password sharing has become more commonplace within households during the pandemic. 1 out of 4 respondents shared work passwords with a third-party, including partners, roommates, or friends.
All the more reason to ensure that your Digital Workspace strategy and solutions have security baked into their foundation. A Zero Trust approach to securing remote work helps ensure that well-intentioned remote employees don’t accidentally cause a major security breach.
You can read the Sailpoint press release about the report here, or download the full report for free here.
3) 5 Reasons Why You Need to Get Rid of Your VPN (Citrix)
I know what you’re thinking – isn’t Citrix one of your biggest competitors at Cameyo? (First of all – the answer to that is yes and no. Citrix takes a virtual desktop approach to Digital Workspaces, whereas Cameyo focuses on Virtual App Delivery. So in many organizations Citrix and Cameyo would be deployed complementarily as orgs right-size their approach to desktop & app virtualization). But all that aside – you’ve got to give credit where credit’s due, and this post/infographic from Citrix is really well done.
We’ve gone in depth in the past about the critical need to move beyond VPNs for remote security. And this Citrix infographic does a good job of illustrating why. Here are the 5 key points, but it’s worth clicking through to get all of the supporting stats:
1) You’re at high risk of security breaches
2) VPNs are hard to scale
3) Your employees access corporate VPNs through unmanaged devices
4) VPNs aren’t designed to detect breaches
5) You’re compromising employee privacy
Take a look at the full post and infographic here.
4) Pandemic Will Halve The Amount Of Companies Not Using Full Time Remote Work: Report (Nutanix)
While we’re giving credit to other players in the ecosystem, Nutanix deserves a shout out for their impressive “Nutanix Enterprise Cloud Index” report. This report is a wealth of great information that goes well beyond just the topic of remote work. But the article linked in the headline above honed in on a very interesting finding – the fact that the percentage of companies who say that they’ll be back to having zero employees who work remotely full time will decrease to only 13 percent. In the 2019 version of this report, that number was 26 percent. As a result of the pandemic, the number of companies resisting remote work long term will be cut in half.
Unsurprisingly, companies are preparing for the lasting legacy of remote work. The pandemic put the migration of remote work into hyperdrive. Only 7 per cent of companies persisted without any full time employees working from home.
That rate is expected to grow back to 13 per cent by 2022, according to the report, but won’t come close to the 2019 mark where a quarter of businesses didn’t utilise full time remote work.
Also interesting is the fact that, even though we’re now 8 months into the pandemic, many organizations still have a lot of work to do regarding their long-term remote work strategies:
Around half of the IT leaders said improving their systems and supporting work from home capabilities are priorities in the next 12 to 18 months.
Read the article here, and check out the full Nutanix Enterprise Cloud Index here.
5) Remote working: How employers can support mental wellbeing this winter (TechRepublic)
While addressing the technology issues around delivering secure, productive remote work is important, it’s also critical to think about the impact that remote work (and the pandemic as a whole) is having on our people. The winter is tough for a lot of people emotionally anyhow, but when you add the anxiety and fear of a global pandemic and the effects of social isolation – it takes a toll on our mental wellbeing. This article stood out to me as a great compilation of important stats every organization should be aware of:
According to the US Centers for Disease Control and Prevention (CDC), 41% of American adults have struggled with mental health issues stemming from the COVID-19 pandemic. In the UK, research from the Office for National Statistics (ONS) suggests that almost one in five adults have been experiencing some form of depression this year – almost double the figure from 2019.
Burnout is also reaching critical levels. According to a recent survey by FlexJobs and Mental Health America (MHA), 75% of workers have experienced burnout this year, with 40% citing it as a direct result of the coronavirus pandemic. Ongoing remote working appears to be a contributing factor, with employees working longer hours and struggling to connect meaningfully with their work while workplaces remain shut.
This is a fantastic article that goes well beyond just compiling the stats and illustrating the issues – it also provides very thoughtful and actionable items that all of us can implement to help take care of our employees. I highly recommend reading through the whole article. If nothing else it’s a great reminder for all of us to be aware of the challenges our coworkers may be facing, and to remind us to be kind to each other through these difficult times.
Hang in there everyone – and we look forward to seeing you back here next Friday for the next roundup.