Top 5 security challenges of the modern workplace
- Posted on July 3, 2019
- Estimated reading time 4 minutes
There’s no doubt that great employee experiences generate great business outcomes.
But, as you seek to unlock the benefits of a modern workplace, new security challenges emerge. If you don’t address them, you risk slowing innovation, as well as putting your data and your business goals on the line.
To help make your move to modern workplace platforms successful, we’ve outlined the top five security challenges you need to overcome on your way.
1. A new perimeter: The modern workplace coincides with a proliferation of new end-point devices and the demand for anytime, anywhere access. As a result, using firewalls to keep data and devices safely locked behind company lines is no longer enough – or effective – as a lone strategy.
What is needed is a new approach, a new definition of “the perimeter” that evolves and moves with your users and their devices, wherever they are and wherever the data sits. Anything else leads to exposure, risk and the inability to manage vulnerabilities at the source.
2. Inherited risk and complexity: As you transition into new workplace platforms, legacy environments and investments put your organization at risk. This is especially true if previous migrations were simply a lift and shift to a new destination, without taking the opportunity to rethink and update your security posture. For example, most organizations have not significantly updated their approach to securing Active Directory in years (maybe decades). It won’t matter how well you configure new cloud applications if your central identity platform is leaving you exposed.
Businesses have also built up a complex jumble of ad hoc, point security solutions; the average business has over 80 security tools in place. Not only is this chaos costing you more than it needs to, it is making it more difficult to gain insights and control of workplace security.
3. Making the most of what you have: Most modern workplace platforms have a powerful set of security tools and capabilities built in. Unfortunately, organizations aren’t always aware of the tools they are paying for. Or, if they are, they aren’t sure how to properly leverage them. According to our research, only half of executives say their organizations have basic security practices in place, such as password rules (like required resets and multifactor authentication). And just 33% of organizations are using single sign-on to secure and simplify user access.
Yet, many of these powerful security capabilities are available “out of the box,” in platforms such as Microsoft 365. The same cloud platforms also let you easily configure automation and intelligence to proactively ensure good security behaviors and reduce the strain on IT support.
In the first case, businesses must ensure they have properly configured access policies and have the tools in place to automatically spot and prevent suspicious behaviors from inside. On the second, ensuring users are properly trained and regularly tested on keeping safe (such as with phishing drills) is a must. You also need to make safe, approved behaviors easier and more engaging than the alternatives. If you create more friction in the use of secure work processes, you reduce adoption and increase the odds of unmanaged Shadow IT.
5. Waiting for a catastrophe: No organization wants to get breached or end up in the headlines for the wrong reason. Unfortunately, sometimes that’s what it takes for security to be taken seriously. One of the most dangerous situations when pursuing a modern workplace is to not include security as a business objective from the day planning begins, right through delivery and ongoing support.
It’s no longer a question of “if” you will get breached, but more likely of “when.” That’s why modern security is proactive. It seeks to reduce the damages and speed your reaction time if, and when, breaches occur.
How do you overcome the challenges of securing the modern workplace?
A modern workplace holds enormous promise for the business – but those promises will be unfulfilled if poor security gets in the way.
Organizations must learn how to secure beyond traditional perimeters; address legacy risks and complexities; fully leverage security capabilities baked in to modern platforms; combat human error and insider threats; and take a new, proactive approach to security planning from day one.