I know how to secure my PCs. I've never fallen victim to a phishing attack; gotten infected by a worm; been maligned by malware. But then I have 30-plus years of experience. You? Probably not. That's why when I read Morphisec's recent report on all these people working from home (2020 WFH Employee Cybersecurity Thread Index), I was horrified.
It turns out more than half, 56%, of employees are using their own personal computers to work from home. No! Deep breath. No!
And that tidbit is one of the reasons Desktop-as-a-Service (DaaS) makes more sense now than ever before. Because a DaaS set-up is a more secure set-up, and apparently that’s something sorely needed.
Now, I like you folks – really I do, but I've seen how you secure your home PCs. Some are still running Windows 7, others haven't been patched this decade, and let's not even talk about your lousy passwords (123456? Seriously!?) Now, I know it's not your fault; you were sent home without an office laptop and you gotta do what you've gotta do. But, people, this is just asking for a security disaster.
True, there's a lot you can do to protect yourself, your PC, and your corporate IT resources. But, let's get real. Your job title is something like Accountant II, not Chief Information Security Officer (CISO). Security's hard.
Adding insult to injury, hackers are pounding on PCs harder than ever. Andrew Homer, Morphisec's vice president of security strategy and business development, said: "We've seen anywhere between a doubling or a tripling of the number of attacks that we blocked since COVID. When I say about a tripling, that's over 170,000 attacks a week across the five million endpoints."
That’s not good.
Worse still, Homer said, "We've seen that like 25% of all the people who went home and have very strict company guidelines around security protocols aren't even following them."
Many companies are heading for an IT disaster on the level of Knoxville, Atlanta, and Baltimore. Each city found its IT systems closed down by ransomware attacks. The source every time started from a PC.
Can your business survive a multi-million-dollar ransomware payout? What happens if your datacenter is transformed into a BitCoin factory? Or, if all your corporate secrets walk out the door one night?
This isn't a warning that this might happen. This will happen. Approximately 75 million U.S. employees are now working from home. Of those, according to Morphisec's numbers, about 42 million are doing their work on their home PCs, which is just asking for trouble.
There's only one real answer. And, no, it's not teaching people to use best security practices. We've been trying that since the first IBM PC rolled off the assembly line in 1981 and people still are choosing "password" for their password.
The only real answer, if many of us will keep working from home – and it sure looks like we will be – is to switch to a DaaS model. At least then, IT departments, not clueless individuals, will be in charge of security.
Microsoft is good with this. The Redmond crew has been pushing Windows to a DaaS model for years now. Recently, with the release of Microsoft 365 and Windows Virtual Desktop (WVD), it's become crystal clear Microsoft wants you to move your office work to the cloud.
It’s not the only one. Google, with its cloud-based Linux system Chrome OS, also would be more than happy for you to turn in your Windows PC for a Chromebook running G Suite.
Only last month, I argued that the future of the desktop was in the cloud. I predicted by 2025, most "desktops" would be on the cloud. Now, looking at the working-from-home numbers – and just how bad PC security has been – I think I was wrong.
Tomorrow is today. I see a tidal wave of business cloud desktop migrations on its way. By this time, next year, especially if the pandemic keeps most office workers at home, I can see most office work being done on DaaS systems.
This won't be the end for PC gamers, Linux desktop users, and Mac users. They'll still be running standalone PCs. But, for many of us, perhaps most of us, the day of the standalone PC is ending.