The survey, conducted by research firm ONR, polled 3,000 technology executives and employees who work on information security, network operations, and application development. It found that 61 percent of companies have struggled to provide the security that employees need to work remotely, and many are now facing heightened risk as a result.
When companies sent their employees home in response to the pandemic, they had to move quickly to make sure workers could access their internal networks and tools. For many companies, this meant security became a lower priority. The survey found that 44 percent of employers focused on improving remote network access but invested little in remote security. Thirty-five percent invested in both, and 21 percent made minimal changes to either their network architecture or their security, according to the report.
Nearly half of respondents reported that they've loosened security policies or been more lax in enforcing them while employees have been working remotely. That's because of budget constraints, a lack of time and resources, and the need to respond quickly to remote work demands, according to the report. But even companies that did implement remote security measures are having trouble: 35 percent of respondents said their remote employees have circumvented or purposely disabled company security measures when they became too complex or hindered productivity. Workers were more likely to do this -- and to take other risks, like connecting to unsecured networks or sharing confidential files via email -- when their employers allowed them to use personal devices for work, according to the report.