As work from home extends into 2021, remote access performance and security will continue to dominate enterprise budgets and priorities.

Accommodating remote users “long-term will lead to phase two of remote access investment,” according to a report from Cato Networks that surveyed 2,376 IT leaders about budgets, purchase plans, future of remote work and secure remote access. “Enterprises will improve the remote user experience and bring the same level of and security delivered in the office to home users.”

Those priorities make sense, considering that only 7% of respondents said all their employees would go back to work in the office, a figure that Dave Greenfield, security evangelist at Cato, found surprising.

“We all knew that enterprises embraced work from home. All of us have seen that throughout the pandemic. Still, many have wondered if WFH will continue,” said Greenfield. “The answer? Yes. 80% of respondents said their organizations will continue working remotely in whole or in part.”

Those surveyed admitted to anticipating the road ahead to be bumpy with challenges as they face greater threats without the resources they need to defeat them. “Enterprises are struggling to protect themselves with new malware, new vulnerabilities being routinely discovered,” said Greenfield. “We all know that but to see more than half of respondents (57%) actually say they lack the time and resources to implement security best practices — that’s significant.

The best practices needed “aren’t necessarily exotic,” he said. “Timely patching of software and systems, something that’s often taken for granted, is still a challenge for 32% of participants.”

Many of the leaders surveyed feel their organizations are well-positioned to meet the security and workforce dynamics of 2021 while others are skeptical, still dealing with the traffic that swamped VPN servers after the workforce moved home. “Far more users connect to the VPN server for the entire day not just a few hours. This poses a challenge: how do you connect and secure remote users without compromising performance,” said Greenfield.

Another challenge is that “legacy security infrastructures must bring traffic back to datacenters inspection, introducing delay into application sessions,” he said. “It’s a major reason why remote users further away from the company’s datacenter or headquarters will often complain about VPN performance.”

While that might have been tolerable with a small portion of the workforce working remotely for a couple of hours daily, “with the entire workforce working remotely the whole day, the performance of secure remote access has become the primary focus for IT organizations in 2021 (47% of respondents),” Greenfield explained.

The research underscored that organizations must adopt a hybrid security strategy to addressing immediate security and connectivity challenges for remote users but in a way that will work equally well for supporting users returning to the office “And this is the challenge: Addressing each IT problem with yet another solution leads to the mix of appliances and point solutions that have long complicated the IT landscape and increased the very attack surface attackers exploited to penetrate enterprises,” said Greenfield. Instead, “IT teams need to think through a more holistic approach.”