Cisco's Duo Security: Shift to Remote Work Forces Companies to Rethink Security

The security missteps exposed by the pandemic pave the way for a more secure remote access going forward.

Lynn Haber

November 12, 2020

3 Min Read
Remote Worker, Telecommuter
Shutterstock

The rush to support remote workers during the ongoing pandemic caught most organizations off guard. Now the remote workforce is the new normal.

Going forward, many businesses expect to support a bigger remote workforce into the future. As a result, companies are rethinking security and weighing the balance between employee convenience and securing the corporate jewels.

The new “2020 Duo Trusted Access Report: Ensuring Secure Access Amid a Major Shift to Remote Work” examines how companies are supporting remote work and what makes a solid and secure remote strategy.

Lewis-Dave_Duo-Security.jpg

Duo Security’s Dave Lewis

“As the pandemic began, the priority for many organizations was keeping the lights on and accepting risk in order to accomplish this end,” said Dave Lewis, global advisory CISO at Duo Security at Cisco. “Attention has now turned toward lessening risk by implementing a more mature and modern security approach that accounts for a traditional corporate perimeter that has been completely upended.”

The research, conducted by Duo’s data science team, analyzed data from more than 26 million devices, more than 500,000 unique applications and about 700 million monthly authentications. This spanned the vendor’s customer base in North America, Western Europe and Asia Pacific. The team look at users and who has permission to access that user’s information; which devices are used to access applications; and which applications users are accessing.

Here are the top 10 trends.

  • There’s a 60% swell in daily authentication from outside the physical office, using VPNs and remote desktop protocol (RDP). Researchers looked at the top five industries that engaged in remote access. The change in daily authentication to remote devices was led by education (78%), financial services (73%), telecom (59%), health care (48%) and technology (36%).

  • Cloud use surges. The average number of daily authentications to cloud apps increased by 40% from June 2019 to June 2020. The European Union had the largest spike, while the U.K. saw the smallest.

  • iOS devices are about four times more likely to get an update within 30 days of a security update or patch compared to Android devices.

  • Duo Push is the most used authentication method, accounting for 69% of all authentications.

  • The percentage of organizations that enforce policies to disallow SMS as an authentication method increased by 85% year over year. In 2016, NIST guidelines stated that SMS-based authentication methods were not secure. This was due to the fact that a phone may not always be in possession of the phone number. Additionally, hackers can intercept SMS messages and keep them from getting to the intended phone.

  • More than 80% of active customer devices have biometrics enabled, and total devices with biometrics rose 64%.

  • Roughly 70% of Duo customers who implement location-based policies restrict access from China or Russia.

  • Authentication failures due to out-of-date devices increased 91% during the first three weeks of March. Researchers attribute the astronomical jump to the use of personal devices by remote workers.

  • Windows 7 use dropped to its lowest level yet. Only 10% of Windows devices are still on the outdated OS.

Dealing with the New Normal

“When we look back at the massive global shift to a remote workforce, it comes into sharp focus that this will be a way the workforce will be doing business for years to come. The need to dispense with old security thinking is apparent. Zero trust, multifactor authentication, biometrics and passwordless are components of the path to a new bliss. It is of paramount importance to address the security of the workload in data centers and in the cloud as well. We are resilient, and security can act as an enabler for the way forward,” said Lewis.

In October, Cisco published two global research studies that looked at the challenges and opportunities related to the transition to a secure and productive remote workforce. The two reports are the Future of Secure Remote Work Report and the second annual Cisco 2020 Consumer Privacy Survey.

About the Author

Lynn Haber

Content Director Lynn Haber follows channel news from partners, vendors, distributors and industry watchers. If I miss some coverage, don’t hesitate to email me and pass it along. Always up for chatting with partners. Say hi if you see me at a conference!

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like