It’s no secret that cyber attackers overwhelmingly target corporate endpoints. After all, they’re the gateway to the network and all that it contains. In 2019, 68% of IT security professionals said their company experienced endpoint attacks that compromised data or IT infrastructure. Since COVID-19 hit, that number just keeps growing. May and June 2020 alone saw a 34% increase in cyberattacks compared to March and April 2020.
So you can understand why many businesses believe the only way to truly protect end-user devices and sensitive company information is to lock down corporate laptops. There’s a huge problem with this, however. It handcuffs knowledge workers.
When their laptops are locked down, knowledge workers have very limited, or no, access to the internet and modern SaaS applications. They can’t plug in USBs, install applications, or use home printers or external hard drives. This makes it extremely difficult to do their jobs effectively – especially at a time when, for example, 42% of the U.S. labor force, primarily knowledge workers, is working from home full-time as a result of COVID-19.
This need for enhanced productivity won’t go away after the pandemic either. The percent of days people spend working from home post-COVID is expected to reach 20%, from a pre-COVID level of 5%. But whether knowledge workers are WFH, in the office, going back-and-forth, or travelling, they need every productivity advantage they can get.
Time to Unlock Workspaces
Clearly, now is the time to take the handcuffs off. The question is how to do it responsibly. Completely unlocking corporate laptops isn’t the answer because that would expose your workers and your business to cyberattacks.
Instead, you can create an unlocked workspace on the laptop, and keep it isolated from corporate OS by running it in a virtual machine. Hysolate Workspace makes it simple for organizations to maintain essential security standards while simultaneously keeping users productive and happy, protecting company data and also protecting employee privacy. Hysolate Workspace appears to the user just like yet another desktop on their machine but has strong cloud-managed isolation policies attached to it, including fine-grained clipboard, USB, networking, and other security policies.
Restrict the locked OS workspace to accessing sensitive data and systems. No internet access, no USBs. Use the unlocked workspace for everything else. Make it open to the internet, email, non-privileged information, and more.
Any cyber criminals who infiltrate the unlocked workspace will be contained within it. They cannot reach the locked, or privileged OS, or even see that it exists. Hysolate Workspace is non-persistent, so it’s wiped clean at startup for added protection.
With Hysolate, knowledge workers are empowered to do all of the below (and more) in the unlocked workspace, without putting sensitive corporate information and systems at risk:
- Full web browsing to any website
- Use any third-party cloud app, such as Zoom/Webex/Google Drive/Dropbox, etc.
- Download files
- Access potentially risky email attachments and links
- Use external USB devices and print from remote locations
- Have local admin rights enabled for installing software