We can all agree that 2020 was a strange year – with economic uncertainty, political unrest, and to top it off: a global pandemic. Undoubtedly, the pandemic and the resulting lockdowns uprooted every aspect of normalcy and shifted day-to-day business priorities and operations. Despite the disruptions, the pandemic accelerated digital transformation in the workplace, and organisations have had to adapt, invest and harness new technology to foster growth and innovation amid uncertainty.
As the end of the year quickly approaches, 33% of US employees are still working from home – with limited knowledge of when offices will reopen. For many organisations, COVID-19's ramifications have forced companies to reimagine their security and IT strategy. A new year brings new change – and anticipating what’s next can enable organisations’ IT teams to be better prepared. Here’s what’s on the horizon in 2021.
Prioritisation of Identity Management as the new Security Perimeter
The shift to a remote workforce has exponentially expanded the threat surface, and organisations' IT departments are facing new security challenges. Previously, many organisations still used a perimeter-based security model, leveraging traditional controls like firewalls and VPNs to protect against threat actors. Since most, if not all employees are now doing day-to-day work outside of the office using SaaS and mobile solutions to get their work done, these controls do not scale and are no longer enough to protect against online vulnerabilities in a remote environment.
This digital dynamic workforce shift has highlighted and accelerated the need for security outside the company's physical or even logical perimeter – as employees are now accessing business accounts through various devices in various locations. Plus, many of the account’s employees use to get their work done are not full within the control of the IT team. When you remove the perimeter, the application itself and remove control over the end device, the only thing that is left to protect is the identity of the user. Securing Identity becomes the new perimeter for IT. That’s why prioritizing a robust identity and access management (IAM) strategy will become more important than ever to support a secure remote workforce. There will be a continued emphasis on organisations implementing IAM solutions such as single sign-on (SSO), password management, and multifactor authentication (MFA) to further enhance remote employees' and the organization’s security.
Increased Adoption of Passwordless Authentication
Organisations are starting to understand the benefits of a passwordless login experience – as it encourages higher security and employee productivity, while also freeing up resources for IT. While passwords aren't going away completely anytime soon, our recent report found that 92% of IT professionals believe that passwordless authentication is in their organization's future. Additionally, the report found that most IT and security leaders understand the importance of reducing the number of passwords used daily.
In 2021, organisations will continue to make strides towards passwordless authentication deployment by implementing IAM solutions such as an enterprise password manager, SSO and biometric authentication that complement regular passwords. These technologies will ultimately streamline and simplify the login experience for end users, while providing better control and visibility for IT teams.
A Renewed Focus on a Strong Security Culture
At a time when the speed and volume of cyberattacks continues to rise, the cybersecurity behaviours of employees are more important than ever and establishing a strong security culture will take centre stage for organisations. Security is closely tied to how employees – at all levels – perceive the importance of security and understand the implications of their security habits.
People have become numb to the security threats they face – whether at home or in the office, and although they understand the potential risks, they often don’t take action. For example, in the recent LastPass Psychology of Passwords survey, found that 91 percent of people know that using the same password over and over is risky; however, 66 percent do it anyway. In 2021, we’ll see IT and security teams double down on this dissonance and get people engaged in security – through trainings, new products and the integration of a stronger security focus into everyday life.
Looking Ahead to a New Year
As the pandemic continues a paradigm shift into a remote workforce, secure access from anywhere will remain a top priority for all IT and security leaders in 2021. A proactive security posture is necessary to navigate this new workplace normal. It’s now more critical than ever that organisations’ IT teams are prepared for the challenges that lie ahead and evaluate the best solutions to meet both their and their remote employee’s needs.
Author: Gerald Beuchelt, CISO at LogMeIn
LastPass Identity provides integrated access and authentication for the control and visibility that IT needs and the frictionless experience that users demand in this remote work environment. Learn more.