With hybrid work on the rise, many managers demand more security yet flexibility

As remote work abounds and with hybrid work models on the rise, many employees claim that the lack of freedom and security concerning remote connectivity poses a growing concern. A report released by Hysolate on Tuesday - an isolation innovator for security-aware enterprises - analyzed 200 enterprise leaders’ views on priorities for ensuring secure remote access to corporate resources. The study, which was titled “The Enterprise Security Paradox: Simultaneous Calls for Increased IT Freedom and More Stringent IT Security,” revealed how the hybrid work model that is emerging as the Covid-19 pandemic recedes is pushing for changes to security policies to increase employee productivity while also enhancing organizations’ abilities’ to ward off ransomware and other attacks without compromising security.

The study illuminated several interesting finds, among them that 96% of respondents called for an expansion of IT freedom, yet 91% assert that enterprises also need to have more IT restrictions in place. The responders claim that IT organizations need to have security policies which are both more forgiving yet simultaneously better protected. The study also found very few organizations whose employees were satisfied with current security policies. Some 7% of organizations believe that their employees are satisfied with their corporate restrictions, while the vast majority (93%) think that employees are actively working around those same restrictions.

In addition, the report found that many have concerns over corporate access for non-employees, such as contractors, with some 87% of respondents overall identifying contractors as the single greatest threat when it comes to granting remote access to corporate resources. The remote work model became a highly popular alternative during the height of the pandemic, and appears to be here to stay, businesses would prefer employees return to the office. Some 87% of respondents said that if employees could perform personal activities on their work devices, their productivity would increase, while 79% said such freedom could possibly reduce employee frustration.

“At first glance we were surprised to see that given respondents were calling both for more IT freedom for workers and also for more restrictive IT security,” Hysolate CEO Marc Gaffan said. “But as we dug deeper into the data it became clear that these leaders have recognized that employee satisfaction is of utmost importance, since employee retention largely depends on it. IT plays a critical role in enabling productivity and keeping workers happy. They also understand how crucial IT security is in preventing remote access by external parties, like contractors and others, from becoming a rogue way into enterprises where they can tunnel for data exfiltration. Today’s enterprises need to keep both at the top of the priority list,” he added.

Hysolate enables organizations to isolate risky or sensitive activities on users’ endpoints with a local workspace that isolates applications and data. The organization has reinvented how an isolated virtual environment can be deployed on a user’s device, while being remotely managed from the cloud. With Hysolate’s product, users can “split” their device into two isolated environments, enabling them to work freely without compromising their organization's security. Currently, Hysolate is backed by Bessemer Venture Partners, Innovation Endeavors, Team8, and Planven Capital.

The findings of the 2021 study demonstrate a significant shift in thinking from a year ago when Hysolate, in conjunction with Team8, published their 2020 study, titled “The CISO’s Dilemma: How Chief Information Security Officers Are Balancing Enterprise Endpoint Security and Worker Productivity in Response to Covid-19.” In it, respondents grappled with questions around worker productivity and corporate security, and argued over the best way enterprises could shift their security stances. However, this year’s study demonstrated that security and IT leaders understand that security policies can be finely-tuned to meet the particular needs of different organizations.