Securing the new hybrid workplace may require significant changes to culture, policy and technology after new HP research revealed significant pushback from remote workers during the pandemic.
The tech giant surveyed over 1000 IT decision-makers and more than 8400 workers across the globe to compile its latest HP Wolf Security study, Rebellions & Rejections.
It revealed that nearly all (91%) IT leaders had felt pressure to compromise on security during the pandemic, with three-quarters (76%) admitting security took a backseat to business continuity.
As a result, 83% of IT teams believe the increase in home workers has created a “ticking time bomb” for a corporate network breach.
These fears are reflected in the uncompromising attitudes of those workers — particularly the younger cohort.
Almost half (48%) of younger workers (18-24 years old) claimed security tools were a hindrance, and nearly a third (31%) have tried to bypass corporate policies to get work done.
Over half (54%) claimed to be more worried about meeting deadlines than exposing their organization to data breaches. In comparison, two-fifths (39%) were unsure what their security policies say or even if their company has them.
Ian Pratt, global head of security for personal systems at HP Inc, warned that breaches could result from users bypassing internal security controls and policies.
“If security is too cumbersome and weighs people down, then people will find a way around it. Instead, security should fit as much as possible into existing working patterns and flows, with technology that is unobtrusive, secure-by-design and user-intuitive,” he added.
“Ultimately, we need to make it as easy to work securely as it is to work insecurely, and we can do this by building security into systems from the ground up.”
The dynamic is also taking its toll on IT teams. Some 83% said trying to set and enforce corporate security policies is impossible given the lines between personal and professional are so blurred. In comparison, 80% said security was becoming a “thankless task” as no one listens anymore.
HP CISO, Joanna Burkey, argued that employee education and engagement is the first step towards improving security for the hybrid workplace. She added that IT teams should also re-evaluate policies to take account of the new working environment.