Almost exactly three years ago, the COVID-19 global pandemic arrived, and millions of workers were forced to do their jobs apart from coworkers and away from workplaces. This resulted in an unprecedented increase in employees who do the majority of their work online from anywhere they can get internet access—more than likely at home. Of course, work-from-home (WFH) employees have been around for years, but they were always a small fraction of an organization's staff.
But, when the tables turned with the coronavirus shutdowns of 2020 and remote workers became the majority, organizations had to quickly adapt—especially IT departments. After employees scattered around the globe, and then months later some returned to on-site workplaces—though many not as regularly as before—the “hybrid workforce” became an accepted term for describing the phenomenon.
CIOs, CISOs, and IT departments were compelled to update existing work-from-home (WFH) policies and create new ones to account for the fast and massive evolution of how and where their organizations’ employees worked. The descriptor “WFH” was rebranded as “WFA” (work-from-anywhere) to better reflect the reality of the hybrid workforce.
To get a better understanding of this new way of working and organizations’ new WFA culture and cybersecurity policies, Fortinet commissioned a global research study. The Fortinet 2023 Work-from-Anywhere Global Study is based on a survey conducted in early January 2023 and included 570 organizations from around the world with at least 100 employees.
The goal of the report was to do a deep dive into how organizations are responding to the major cybersecurity challenges that have come as a result of the WFA evolution and how they’re evolving going forward. The survey questions were developed to reveal the level of commitment organizations have in protecting their networks, data, and employees—and what specific cybersecurity concerns have the highest priority.
Other objectives of the survey include:
After analyzing the survey results, we came away with three key findings:
Below are some of the most interesting survey results that are documented in the report.
The responses to one of the primary survey questions—What does your company’s remote work policy look like currently?—reveal that 60% of the 570 companies in the study are still accommodating employees working from home, and 55% of organizations are embracing a hybrid work strategy for their employees.
The insecurity of home and remote networks is considered by most organizations to be their top WFA security risk. This is a big issue largely due to the inability to extend corporate security to a non-corporate environment. Other risks include employees using company laptops for personal reasons, employees not following security protocols when not in the office, and unknown users sharing the home network.
What organizations want is the ability to establish consistent policies across all locations, including those where workers connect to the network remotely. The challenge is finding vendors that can implement solutions and enforce protocols on the corporate network as well as in home offices. This is likely why nearly half (42%) of those surveyed end up using different vendors.
Companies have already deployed solutions to address risks to some extent, but planned investments in security solutions are broad, especially for laptop antivirus and VPN.
Interestingly, while the top priority for securing remote workers cited is network access control, with 58% reporting having already deployed such a solution, only 4% list ZTNA as their most important investment despite its ability to limit access to network resources. Ironically, VPN, which provides broad access to the network, is in the top 10 of the most important investments.
Perhaps the most startling finding from the survey is learning that nearly two-thirds of the companies have experienced a data breach due to their WFA-employee vulnerabilities.
Based on the survey results, it is evident that there is an increased risk associated with remote work, and this is a concern for many organizations. While all respondents share the common objective of improving remote work security, they differ in their preferences for security solutions.
Fortunately, Fortinet offers a range of solutions that cater to different security needs, using a defense-in-depth approach. These solutions include Linksys HomeWRK, which provides secure connectivity for WFA employees, and FortiSASE and ZTNA, which help organizations secure their WFA workforce. By leveraging Fortinet's comprehensive range of solutions, organizations can improve their security posture while increasing productivity and efficiency.
Read the complete Fortinet 2023 WFA Global Study to learn more about the current state of the WFA workforce and how organizations are adjusting and responding.