Security leaders want to give people more freedom -- but restrict it
A new survey of 200 enterprise IT and security leaders appears to uncover a fundamental paradox. 96 percent of respondents called for an expansion of IT freedom, while 91 percent say that enterprises also need to put more IT restrictions in place.
The study from OS isolation company Hysolate finds that in the post-COVID world businesses face demands to press for changes to IT security policies to simultaneously increase employee productivity while also enhancing the organization’s ability to ward off ransomware and other attacks.
Only seven percent of respondents think that their employees are satisfied with their corporate IT restrictions, and 93 percent think that employees are actively working around them. Increased reliance on contractors has also raised concerns about corporate access for non-employees. 87 percent of respondents overall see contractors as the single greatest threat vector when it comes to granting remote access to corporate resources. This figure is higher for financial services businesses.
Remote working has blurred the lines between work and personal time and this seems to have long term effects. 87 percent of respondents say that if employees could perform personal activities on their work devices it would increase productivity. In addition, 79 percent say that such IT freedom would reduce employee frustration.
"At first glance we were really surprised to see that any given respondent was calling both for more IT freedom for workers and also for more restrictive IT security," says Hysolate's CEO Marc Gaffan. "But as we dug deeper into the data it became clear that these leaders recognize that employee satisfaction is of utmost importance -- employee retention largely depends on it -- and that IT plays a critical role in enabling productivity and keeping workers happy. And they also understand how crucial IT security is in preventing remote access by external parties, like contractors and others, from becoming a rogue way into the Enterprise and also tunnel for data exfiltration. Today's enterprises need to keep both at the top of the priority list."
You can get the full report from the Hysolate site.