Pandemic Work from Home Changes Course for Endpoint Security

The pandemic work-from-home imperative will change the way global businesses deploy security, Gartner said Wednesday. In particular, the research firm refers to the impact of bring your own PC (BYOPC) security and secure access service edge (SASE) adoption on businesses, worldwide, over the next 10 years.

The findings are included in the 2020 Gartner Hype Cycle for Endpoint Security report. Gartner’s report tracks the innovations that help security leaders protect their enterprise endpoints from attacks and breaches. Today, attacks and breaches are shaped by the continued growth of endpoint attacks and the surge in remote working. Release of the report comes ahead of Gartner’s Security & Risk Management Summit (Americas virtual), scheduled for Sept. 14-17.

Gartner’s Rob Smith

“Prior to the COVID-19 pandemic, there was little interest in BYOPC,” said Rob Smith, senior research director at Gartner. “At the start of the pandemic, organizations simply had no other alternative. The urgent need to enable employees to work from home and a lack of available hardware bolstered its adoption globally.”

Gartner reports that its clients claimed less than 5% adoption of BYOPC in 2019.

BYOPC Revisited

The bring-your-own-device (BYOD) to work trend started about ten years ago. At the time, it fell under the “consumerization of IT” umbrella. IT considered it rogue and a threat to business security.

It still does.

While many companies put business practices and security/risk practices in place to deal with BYOD, it hasn’t gone away, entirely.

Now, enter the pandemic — and BYOPC is on the rise. As a result, businesses need to address a remote workforce in numbers they never before considered. And post-pandemic, the remote workforce/hybrid workplace will be a reality.

What is it?

BYOPC is an endpoint deployment strategy that allows employees to use a personally selected and purchased client device. Employees use their devices to execute enterprise applications, and access company services and data, as defined by Gartner. Devices include, PCs, Macs and Chromebooks.

Unsecured, these devices pose a risk to business security.

SASE delivers multiple capabilities such as SD-WAN, secure web gateways (SWG), cloud access security brokers (CASB), next-generation firewall (NGFW), and zero trust network access (ZTNA). SASE supports branch office and remote worker access and is delivered as a service. It is based on the identity of the device/entity, combined with real-time context and security/compliance policies. Identities can be people, devices, IoT, or edge computing locations.

Closer Look

In this year’s Hype Cycle, BYOPC security and SASE reached the Peak of Inflated Expectations. The wide and sudden adoption of BYOPC has become a necessary security strategy. This requires CISOs and security leaders to put in place specific security practices.

“CISOs and security leaders should expect the need to support BYOPC to be dependent upon a long-term work-from-home strategy, and also expect to support security tools needed for a BYOPC environment,” said Smith. “They need to prioritize their security practices. including enabling multifactor authentication (MFA) for all access to any corporate resource regardless if virtual or not, and if cloud or on premises. Organizations must contain all cloud application data and disallow local storage or upload of local data from any BYOPC device as this could infect the cloud system. They also need to virtualize access to any traditional on-premises application.”

BYOPC security will reach mainstream adoption in the next two to five years, according to the research firm. Mainstream SASE adoption will take longer, between five and 10 years.

Late last December, Andrew Lerner, research vice president at Gartner, talked about SASE as the “new thing.” He also said to watch for SASE announcements over the next 12 months as vendors merge products and/or partner to compete in this emerging market.

Gartner expects that by 2024, at least 40% of enterprises will have strategies to adopt SASE. That’s up from less than 1% at year-end 2018.