Story image

Are your employees putting your organisation at risk? Survey says 25% of employees bypassing secure VPN

20 Jun 16

New results have shown that as much as 25% of your workforce may be bypassing secure Virtual Private Networks (VPNs) to access the internet through their mobile device.

Zscaler reports that more than 70% of Australian organisations' employees access enterprise business applications from a mobile device.

One in four of these organisations are being put at risk by up to 25% of staff who use content from the internet instead of through the organisation's own secure VPN.

The Zscaler report surveyed 100 chief security officers (CSOs) and found that 84% of organisations have used a VPN for remote access for specific business application access.

  • 36% of respondents also thought VPN was a concern because it provides employees access with access to the entire corporate network
  • One third of CSOs has seen a marked increase of between 25%-50% in mobile device usage in the organisation over the last twelve months
  • 60% of these users are using their devices to use business applications more than 25% of the time
  • 54% percent of CSOs store 25% of business applications in the cloud
  • 25% percent of CSOs store between 25%-50% of applications in the cloud
  • The number expected to store more than 50% of their applications in the cloud is expected to grow to 28% in the next twelve months

These trends are driven by what Scott Robertson, Zscaler VP Asia Pacific and Japan VP calls "consumerisation of the enterprise", as well as the trend towards cloud computing, mobile computing and threat evolution.

Mobile devices are a double-edged sword as they have brought forth security threats and attacks through the sheer number of mobile apps. This can be difficult for organisations to manage, Robertson says.

Robertson states that users can download unvetted apps that open up attack opportunities, but also issues between personal privacy with corporate security across visible and non-visible platforms.

The apps may be connecting to botnets, downloading malware or exfiltrating data, without users ever being aware of what is really going on, Robertson says.

Robertson believes that PC-era security technology that is put on mobile devices is simply not enough to secure mobile security.

True mobile security requires the ability to understand and classify mobile applications through traffic patterns, identify threats in real time and enable quick corrective action. Today’s modern cloud security platforms enables businesses to embrace these innovations securely, while delivering a superior user experience,” Robertson concludes.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Cohesity signs new reseller and cloud service provider in Australia
NEXION Networks has been appointed as an authorised reseller of Cohesity’s range of solutions for secondary data.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.