Industry executives and experts share their predictions for 2021. Read them in this 13th annual VMblog.com series exclusive.
The Death of Shadow IT and The Standardization of Remote Work Practices
By Michael Abboud, CEO and Founder
of TetherView
It's official, 2020 has made remote
work the new normal. According to Gartner Research's recent report on Remote Work, over 48% of employees will continue to work remotely post COVID-19. For business
leaders, this shift to remote work has created new challenges for IT
departments, who are struggling to balance the demands of workers with a clear
need to protect valuable corporate data and infrastructure. This is a complex
issue that has led to the rise of major problems that will shape the face of
enterprise security in 2021. With this in mind, I've put together my top
enterprise security trends and predictions for 2021.
The Dangers of Shadow IT
COVID-19 has forced IT departments to
adopt new technologies in order to address the needs of a new remote workforce.
This has both benefits and drawbacks; on one hand, IT teams have rapidly
modernized. However, worker behaviors and demands for ease of access to
corporate data have caused a dramatic and alarming increase and acceptance of
Shadow IT; ie applications and devices, largely SaaS, that employees set up and
use without IT permission or Corporate controls
From browser-based plugins to
unsecured devices, Shadow IT represents one of the biggest potential
vulnerabilities in IT today, and it is my belief that the data breaches that
will occur in 2021 as a result of these practices will serve as a wake-up call
to the enterprise community.
The SolarWinds hack is just the tip
of the iceberg; 2021 will be the year that the true threat of Shadow IT practices is shown.
My 2021 Prediction: Unless IT departments give
users access to the proper tools and training, Shadow IT will lead to major
data breaches over the next year.
The Race to Cloud and The Dangers of Too Much Data
The rapid
growth within the SAAS cloud ecosystem has been largely driven by the idea that
data should be easily accessible. Platforms such as Salesforce have played a
major role in building unified ecosystems that empower teams to work remotely.
As demand has grown for new features, specialized third-party solutions have
emerged in order to address specific user features. However, many of these
applications rely on browser-based plugins that are insecure in nature. An even
bigger issue is that many home workers may have third party extensions
installed on their browser without even knowing it. This poses a huge challenge
for IT teams tasked with keeping business data secure, and for companies
dealing with sensitive information or compliance requirements, the "open data" approach offered by
traditional browser-based SAAS platforms do not work.
My 2021 Prediction: As security researchers
begin to examine third-party SAAS extensions, we will begin to see major
vulnerabilities emerge. We will see the major SAAS providers crackdown on
third-party extensions and platforms as a result of this.
The Struggle of Midsize
Businesses and Municipalities to Address Security Concerns
For
medium-sized businesses and municipalities looking to simply stay afloat during
COVID 19, staying ahead of new evolving threats poses a huge challenge. Keeping
up with Zero-Day vulnerabilities, and updating existing technology stacks can
be a huge challenge, and current off the shelf solutions will not fix this
issue. For hackers, municipalities are an especially enticing target. According
to Kaspersky ICS CERT " The
online presence of municipal services and utilities and the increased
digitization of government and public services will make them more vulnerable
to attacks of cybercriminals and create more opportunities for cross-agency
attacks and assaults on central and local government functions and the systems
that support and implement them." For municipal IT departments, 2021 will be an incredibly challenging year
as threats from external actors increase.
My 2021 Prediction: Outside actors will increasingly
target midsize businesses and regional municipalities. There will be a new
generation of service providers aiming to holistically address these market
segments.
Internal Threats, An Even Bigger
Challenge
Increasingly,
cybersecurity risks related to insiders are now more common than external
threat actors. Findings from the 2020 Netwrix Cyber Threats
Report reveals
that since going remote, four of the top six types of cybersecurity incidents
reported by organizations were caused by internal users. These include:
- Accidental mistakes by admins (suffered by 27%
of respondents)
- Accidental improper sharing of data by
employees (26%)
- Misconfiguration of cloud services (16%)
- Data theft by employees (14%)
Perhaps most
alarmingly, the same study reveals that of the organizations surveyed, more
than half (54%) admitted that they do not review user access rights to data on
a regular basis. This security blind spot poses an incredible risk for
businesses and showcases the important role that IT teams must play in limiting
who, what, where, and when corporate data is being accessed. Unless businesses
take this seriously, 2021 will see an increase in major data breaches as a
result of employee data mismanagement
My 2021 Prediction: Businesses will
increasingly have to limit and track employee data access as a result of major
internal data breaches.
The Major Players Will
Increasingly Embrace Virtual Desktops
Employee
demand for access to familiar and new solutions for communication and task
management applications will force businesses to seek out comprehensive
deployment solutions. Already, we see Microsoft, Google, and Amazon all
bringing their workspace solutions to market. However, getting multiple
departments all using the same tools is a challenge, especially as many firms
utilize a variety of different applications and platforms. There are also major
concerns around vendor lock-in and flexibility. It's no secret that the first
virtual desktop deployments had major issues. However, security features,
technology, and connectivity have greatly improved, and it is my belief that
businesses will increasingly turn to Virtual Desktop solutions.
My 2021 Prediction: 2021 Will be a banner year
for virtual desktop adoption. Major players such as Microsoft, Google, Amazon,
and even Salesforce will look to offer their own workspace solutions.
##
About the Author
Michael Abboud is CEO and Founder
of TetherView, a leading private cloud provider based in Oceanport, New Jersey.
TetherView is an IT solution company that builds secure, compliant, resilient
business Infrastructure created in private clouds assuring business continuity
and disaster recovery.