We were already secure enough for mass remote working before COVID-19, boast IT pros

Nearly three-quarters of IT professionals haven’t increased their company’s security posture during the COVID-19 pandemic – while 90 per cent highlighted remote working as a security risk, according to a survey.

On the bright side, half of those people reckoned that remote working from home has increased productivity across the board while a further third said it was at about the same level as it was pre-coronavirus.

Carried out on behalf of secure identity biz Sectigo, its Work-from-Home IT Impact Study asked 500 IT pros for their views, comprising 100 Brits, 250 Americans and 150 drawn from Germany, France and Ireland. To be eligible, each of the IT pros had to work for a company employing at least 1,000 staff.

“As C-Level executives continue to embrace the increased productivity of a distributed workforce, they need to consider new approaches to security that rely on automation and secure digital identities,” said Sectigo CEO Bill Holtz in a canned statement, omitting to mention that his firm sells automation and secure digital identity tech.

The pandemic had an immediate impact on the IT security industry, according to the Sectigo survey, with 45 per cent of Britons saying they had to postpone planned security initiatives to apply themselves to setting up remote working tech instead. Happily, 53 per cent then reported that employee remote working productivity had increased – though a suspicious mind may wonder whether this is simply autobackslappery.

As security worries go, phishing and insecure home Wi-Fi were rated higher on the risk scale than connecting unknown personal devices to corporate networks, BYOD-style. Perhaps unsurprisingly, 82 per cent said they didn’t expect their employers to “significantly increase” security (spending) for corporate data and apps once offices reopen after the pandemic subsides; a finding explained by security already having been beefed up to cope with remote working.

Much to Sectigo’s chagrin, British respondents were mainly using traditional usernames and passwords (74 per cent) for remote authentication instead of its favoured methods, including biometrics (26 per cent) and user identity certificates (58 per cent).

A few weeks ago Sectigo let its AddTrust legacy root certificate expire, and due to a “bug in [its] system… continued providing the AddTrust External CA Root until the date of its expiration”, triggering a wave of mysterious certificate errors further down the chain of trust. ®

Sponsored: Webcast: Simplify data protection on AWS

READ MORE HERE