By Peter Firstbrook, Distinguished VP Analyst at Gartner
Hybrid work necessitates an all-encompassing set of security controls that operate seamlessly within modern IT infrastructure. Phishing, identity theft and ransomware have remained top of mind for business leaders despite the significant investments to combat them. The challenge is intensified by the growing arsenal of security tools designed to address individual security threats in isolation. This drives up the complexity of evaluating, managing and integrating these tools as part of a coherent security strategy. A segmented approach to security tool administration also weakens the security posture, thereby providing threat actors an opportunity to target the workspace for initial access.
To enable a secure hybrid workplace, security and risk management leaders need a comprehensive workspace security strategy that integrates security across device, identity, email, data and application access into a cohesive and modular solution.
Adopt workspace security to enable secure hybrid work
For the successful implementation of modern hybrid work, organisations must not only devise an optimal hybrid strategy but also need to fully embed security in the modern workspace. This requires adopting a holistic workspace security strategy that places the worker, rather than their device, at the centre of protection and delivers the required security outcome for the business. Instead of viewing endpoint, email, identity, data and application access as separate security problems to solve, shift focus to a more cohesive strategy assessing how well security components fit together to improve the overall workspace security.
The focus must be on developing a more robust set of integrated and well-managed security controls, helping reduce complexity and break organisational silos. As the first step, security and risk management leaders must assess the current and the future state of their hybrid workspace and evaluate security requirements for workers using managed and unmanaged devices. Then, they should evaluate the acceptable level of administration complexity before adopting new tools.
Ultimately, the goal should be to identify the approach that is most suitable for the organisation based on the trade-offs the organisation is willing to make, rather than the approach that is the most popular within the market.
Build integrated workspace security teams
A workspace security strategy should be a cross-functional initiative led by the Chief Information Security Officer (CISO). The aim is to simplify processes, ensure consistent security policies, and enhance protection levels. The primary focus should be on designing a robust workspace security solution. This involves aligning security policies across various controls – identity, email, endpoint, and data – irrespective of the device used by the worker. By doing so, we can ensure a secure and efficient workspace for all.
The adoption of a workspace security strategy, along with a shift to integrated workspace security teams, will offer benefits such as:
- Reduced complexity
- Lower operational overhead
- Alignment of business and security
- Ease of integration
- Improved security posture
Reduce complexity on the endpoint protection side
Organisations that continue to use separate tools for Endpoint Protection Platforms (EPP) and Endpoint Detection and Response (EDR) should consider the immediate benefits of consolidation. These are mature technology sectors with many providers offering combined functionality through a single endpoint agent and administration console. This integration not only streamlines operations but also enhances overall security management. Gartner predicts by 2029, 50% of organisations will evaluate endpoint protection platforms as part of a comprehensive workspace security strategy, up from approximately 20% in 2024.
To tackle identity threats and enhance security operations, consider the possibility of integrating or consolidating related capabilities. For instance, integrating Identity Threat Detection and Response (ITDR) and Extended Detection and Response (XDR) with your Endpoint Protection Platform (EPP) could be beneficial.
In today’s workspace, advanced phishing attacks like Business Email Compromise (BEC) are common. Therefore, it’s crucial to assess the robustness of anti-phishing measures across various channels – email, web, messaging, and collaboration. Implementing strong controls in these areas should significantly reduce the risk of successful attacks.