Almost exactly three years ago, the COVID-19 global pandemic arrived, and millions of workers were forced to do their jobs apart from coworkers and away from workplaces. This resulted in an unprecedented increase in employees who do the majority of their work online from anywhere they can get internet access-more than likely at home. Of course, work-from-home (WFH) employees have been around for years, but they were always a small fraction of an organization's staff.

But, when the tables turned with the coronavirus shutdowns of 2020 and remote workers became the majority, organizations had to quickly adapt-especially IT departments. After employees scattered around the globe, and then months later some returned to on-site workplaces-though many not as regularly as before-the "hybrid workforce" became an accepted term for describing the phenomenon.

Rebranding WFH to WFA

CIOs, CISOs, and IT departments were compelled to update existing work-from-home (WFH) policies and create new ones to account for the fast and massive evolution of how and where their organizations' employees worked. The descriptor "WFH" was rebranded as "WFA" (work-from-anywhere) to better reflect the reality of the hybrid workforce.

To get a better understanding of this new way of working and organizations' new WFA culture and cybersecurity policies, Fortinet commissioned a global research study. The Fortinet 2023 Work-from-Anywhere Global Study is based on a survey conducted in early January 2023 and included 570 organizations from around the world with at least 100 employees.

Survey Questions

The goal of the report was to do a deep dive into how organizations are responding to the major cybersecurity challenges that have come as a result of the WFA evolution and how they're evolving going forward. The survey questions were developed to reveal the level of commitment organizations have in protecting their networks, data, and employees-and what specific cybersecurity concerns have the highest priority.

Other objectives of the survey include:

• Quantifying the number of security breaches that have occurred due to WFA vulnerabilities
• Getting visibility into the current security solutions that organizations have deployed
  
• Knowing how receptive organizations are to use multiple security vendors
• Learning what the cybersecurity budget priorities are

Survey Says...

After analyzing the survey results, we came away with three key findings:

1. WFA is here to stay.
2. Organizations consider the insecurity of home networks a major concern.
3. Companies are planning significant spending on cybersecurity-but there is no consensus on which solutions they are prioritizing.

Key Survey Highlights

Below are some of the most interesting survey results that are documented in the report.

The responses to one of the primary survey questions-What does your company's remote work policy look like currently?-reveal that 60% of the 570 companies in the study are still accommodating employees working from home, and 55% of organizations are embracing a hybrid work strategy for their employees.

What does your company's remote work policy look like currently?

The Biggest WFA Security Risks

The insecurity of home and remote networks is considered by most organizations to be their top WFA security risk. This is a big issue largely due to the inability to extend corporate security to a non-corporate environment. Other risks include employees using company laptops for personal reasons, employees not following security protocols when not in the office, and unknown users sharing the home network.

What organizations want is the ability to establish consistent policies across all locations, including those where workers connect to the network remotely. The challenge is finding vendors that can implement solutions and enforce protocols on the corporate network as well as in home offices. This is likely why nearly half (42%) of those surveyed end up using different vendors.

Where do you think your two biggest security risks from WFA are coming from?

Companies have already deployed solutions to address risks to some extent, but planned investments in security solutions are broad, especially for laptop antivirus and VPN.

Interestingly, while the top priority for securing remote workers cited is network access control, with 58% reporting having already deployed such a solution, only 4% list ZTNA as their most important investment despite its ability to limit access to network resources. Ironically, VPN, which provides broad access to the network, is in the top 10 of the most important investments.

How are you planning to adjust your security budget in response to supporting your company's long-term WFA policy?

Security Breaches Due to WFA

Perhaps the most startling finding from the survey is learning that nearly two-thirds of the companies have experienced a data breach due to their WFA-employee vulnerabilities. 

Did you experience a security breach during the past two to three years that could be at least partially attributed to an employee working remotely?

How Fortinet Can Help

Based on the survey results, it is evident that there is an increased risk associated with remote work, and this is a concern for many organizations. While all respondents share the common objective of improving remote work security, they differ in their preferences for security solutions.

Fortunately, Fortinet offers a range of solutions that cater to different security needs, using a defense-in-depth approach. These solutions includeFortiSASE andZTNA, which help organizations secure their WFA workforce. By leveraging Fortinet's comprehensive range of solutions, organizations can improve their security posture while increasing productivity and efficiency.

Read the complete Fortinet 2023 WFA Global Study to learn more about the current state of the WFA workforce and how organizations are adjusting and responding.