Security Market Segment LS
Thursday, 07 October 2021 17:53

Australian, NZ organisations fear increased security risks working from home Featured

By Staff Writer
Rana Gupta, APAC Regional VP, Authentication & Encryption for Thales Rana Gupta, APAC Regional VP, Authentication & Encryption for Thales

A large majority of Australian and New Zealand organisations were not adequately prepared for COVID-19 and fear the increased risk they are being exposed to through working from home and flexible work policies, according to newly published survey findings.

The findings in the latest Thales’ Access Management Index reveal that 57% have adopted two factor authentication, but major access control gaps remain leaving digital identities at risk  - and a  “staggering” 82% of Auastralian organisations and 86% of New Zealand organisations are concerned about the security risks / threats of employees working remotely - yet, 41% (AU) and 53% (NZ) of organisations do not have an access management solution deployed. 

Thales says that while many organisations viewed security as an important investment during the pandemic, it lagged behind investment into infrastructure and cloud as the number one priority.  

And for organisations across the region, the most important investment during COVID-19 has been infrastructure / cloud (51% AU / 45% NZ), followed by security and privacy (27% AU / 39% NZ). 

According to Rana Gupta, APAC Regional VP, Authentication & Encryption for Thales,With the move to remote work and cloud, organisations’ perimeters have extended beyond their physical walls.”

“Most employees today – as well as customers and partners – gain access to the work applications and data from outside of an organisation’s walls, whether those are on the network or in the cloud. Digital identities have become the new perimeter.” 

According to Thales, humans remain organisations’ weakest link and this has yet again been demonstrated by the OAIC’s latest January-June 2021 Data Breaches Notification report which shows that data breaches resulting from human error accounted for 30% of notifications - and business and technology leaders need to look at new ways to secure the access to organisations’ expanding digital walls, and much stronger access controls are needed.. 

Despite a world where digital identities are the new perimeter, traditional security policies and practices are still largely in use according to the report:

  • 55% (AU) and 63% (NZ) of employees use a VPN 
  • 50% (AU) & 55% (NZ) of employees use virtual desktop infrastructure 

However the study also reveals that many organisations are planning to move away from VPN, instead replacing it with: Multi-factor authentication (MFA) solutions (49% across the region), Zero Trust network access / SDP (44% AU / 41% NZ), and other Identity and Access Management solutions with different levels of access control.

Only 9% (AU) and 18% (NZ) of organisations are not planning to move away from VPN.  

The report also ntes that stronger Identity and Access Management (IAM) tools are on the rise with 59% (AU) and 55% (NZ) of organisations adopting two factor authentication (2FA) - while overall, multi-factor authentication (MFA) has been deployed for 73% (AU) / 71% (NZ) of remote/mobile and non-IT employees and staff. But major gaps still remain:

  • 34% (AU) and 29% (NZ) of organisations are deploying three to five different authentication vendor tools, which increases complexity for IT teams and for users 
  • 41% (AU) and 53% (NZ) of organisations do NOT have an access management solution deployed 
  • 23% of AU organisations and an alarming 41% of NZ organisations are either somewhat not confident or not at all confident that their current access security solutions can effectively enable employees to work remotely in a secure and easy manner 

Third-parties are often not part of organisations’ security strategies or submitted to the same levels of security controls, and the report found: 

  • Only 43% (AU) and 64% (NZ) of third parties, and 40% (AU) / 50% (NZ) of customers have MFA/2FA in place 
  • Those numbers drop even lower when it comes to on-premise 

“Our report shows the critical need for ANZ organisations to rethink their access control strategies and look at Identity and Access Management (IAM) as an organisation wide strategy and not a siloed security approach,” Gupta said..  

“As we move away from perimeter-based security models, managing access to the organisation’s critical resources needs to become THE central function of any security strategy that essentially needs to be based on the new mindset of Zero Trust. You can’t let any user – from within or outside of the organisation – bypass your access management strategy. It takes one single non-secure access to compromise the entire organisation.”   

The report also reveals that amongst the technologies ANZ organisations are planning to deploy due to the impact of the pandemic and remote work:

  • Zero Trust network access / SDP is the most popular (49% AU / 45% NZ)  
  • Zero Trust network access / software defined perimeter is now used by 53% (AU) and 49% (NZ) of organisations 

“Too many networks and applications currently run on ‘assumed trust’ systems,” said Gupta.  

“A Zero Trust model views trust as a vulnerability – any user or device looking to access confidential data cannot and should not be trusted by default. Instead, the idea is to follow a ‘trust no one, verify everyone continuously’ mindset. But to achieve this it is vital business leaders take a more active role in setting the organisations’ access control strategy alongside their technology leaders.

“Again, this is a question of mindset across the entire organisation, before it can be brought to life by investing in the right Identity and Access Management technologies.” 

Read 1220 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News