Emerging and evolving cybersecurity threats are prompting IT teams and managed service providers (MSPs) to implement new and increasingly rigorous security protocols to protect sensitive data and curtail risky behavior.
However, with each new onerous log-in requirement and compatibility challenge, a user’s digital experience suffers. That prompts those same users to find (and share) workarounds to get the job done.
Each new workaround creates new gaps in security and data loss prevention efforts. IT and security teams respond with still more protocols, and the vicious cycle continues.
We call this phenomenon the Security/Workaround Paradox. The more security protocols your IT team puts in place, the more users will find workarounds to stay productive.
User frustrations versus cybersecurity protections
The Security/Workaround Paradox is more prevalent than you might think. In fact, according to a recent Venn/Harris Poll study, nearly three-quarters (71%) of employed Americans (full or part time), have done something to get around their company’s IT policy or procedures in order to be more productive and efficient at their job.*
This includes, but is not limited to, ignoring or delaying an antivirus or other security update, using a personal device for work activities, downloading work files, documents or data locally to a desktop, or even using the “free” Wi-Fi available at cafes, libraries, or similar public places when working.
It’s hard to blame them
Technology is supposed to make our lives easier, but cybersecurity protections often undermine that promise. Faced with sacrificing productivity and client service or turning a blind eye to security threats, most users opt to find ways to get their work done and hope for the best. As a result, it’s not your CTO or CISO who’s setting your security policies – it’s your users.
That’s an unacceptable reality in today’s cybersecurity climate. It’s estimated that ransomware costs have grown more than 57X in the last five years and, according to Forrester, due to pandemic-related uncertainty, remote work conditions, and employee experience, one-third (33%) of security breaches will be caused by insider threats in the coming year.
Organizations that stake their reputations on safeguarding client data and complying with cybersecurity regulations need to find a solution for this expensive and risky paradox.
Virtual Desktop Infrastructure Magnifies the Security/Workaround Paradox
Solving for the Security/Workaround Paradox starts with recognizing that legacy Virtual Desktop Infrastructure (VDI) solutions fail to meet the modern expectations of today’s users, customers and employees. Nearly every IT trend of the last decade has served to undercut VDI as an economic and empowering solution for IT teams and end users.
Mobile devices. Bring Your Own Device (BYOD). Apple’s resurgence in personal computing. Remote workspaces. Hybrid workplaces. Each exciting new reality of modern work has eroded the promise and potential of VDI, leaving MSPs, IT teams and security pros with the Herculean task of repurposing VDI environments and tools to solve for challenges the infrastructure wasn’t designed for.
Let’s take a closer look at videoconferencing tools
The Zoom, Skype, Microsoft Teams and WebEx experience through VDI is terrible, prompting users to find workarounds that fail to protect BYOD when video calls are held on a personal device or mobile phone. These workarounds create additional threats when users are tempted to share sensitive data on these unprotected platforms.
Legacy VDI tools were designed for a working world that doesn’t exist any longer – and the challenges are only getting worse. As remote work and BYOD become the rule and users expect to toggle between personal and professional computing on those devices, organizations need an evolved solution that balances user experience and cybersecurity.
Increasingly, solving the Security/Workaround Paradox demands solutions that are fast, flexible, and familiar while delivering the experience end users expect. It’s time to admit that VDI has run its course and that the modern worker needs a “local” future.
