The COVID-19 pandemic changed many things for workers. A year ago, most workers went into corporate offices to do their jobs. Today, almost all knowledge workers are working from home and this is likely to stay this way for the foreseeable future.
A recent ZK Research survey found that prior to the pandemic, 22% of people worked remotely. Business leaders expect this number to jump to 46% of all workers post pandemic. If only knowledge workers are taken into consideration, that number jumps to over 70%.
Hybrid working is the way but comes in many forms
As we get closer to having the option of going back to the office, I’ve been actively talking to workers and business leaders to get their thoughts on what a return to the office might look like. There’s no real consensus here.
Some companies are considering having people come back in shifts where certain departments would be in the first few days of the week and other the back half. Other organizations are considering having everyone come in for two-three days a week and remote the rest of the time. Then there is the option of leaving the decision up to the employee. Whatever the choice, there is one thing in common and that’s hybrid working will be a reality and every company needs to prepare to have the majority of users working remotely at least partially.
VPNs no longer scale to meet the needs of a growing remote worker population
This creates a number of technical challenges for organizations. First, there’s scaling virtual private networks (VPNs). Initially companies turned to VPNs to enable remote worker connectivity. VPNs might have been sufficient for a short period of time, but the technology was never designed for a world where the majority of workers are using it to connect to their company.
Traditional VPNs have been around for decades and the technology hasn’t fundamentally changed over this time. There have been incremental updates to speed and tweaks to the user interface, but the reality is that today’s VPN solutions are essentially the same as the ones used in the 1990s. While they meet the needs of intermittent connectivity, they create security risks as a breached home workers computer could create a back door into the enterprise. Also, they’re expensive and complicated to get up and running at scale and lack the ability to implement granular security policy.
Another issue is securing SaaS applications as these are often a favorite point of attack for threat actors. Workers often use the same password for SaaS apps so if one is breached, that often gives hackers access to a broad range of apps. Also, SaaS apps are often procured through lines of business directly, which leads to “shadow IT” issues. Businesses need to adopt cloud access security brokers (CASB) and secure web gateways (SWG) to protect SaaS services.
But that’s not all. IT professionals need to understand how to secure and connect mobile users, centrally manage branch hardware, how cloud security interoperates with or replaces physical appliances and how to shift to an SD-WAN. I’ve talked with many IT pros that view the evolution to this “next normal” as the most challenging thing they have done in their career.
Citrix Secure Internet Access Is Built For Hybrid Working
Recently, Citrix announced the general availability of its Secure Internet Access (SIA) solution built from the ground up to meet solve the above challenges. The solution addresses the needs of the post pandemic world where users are working from home or another non-company location some or all of the time. This new addition to the Citrix portfolio of products is a complete service delivered from the cloud. Citrix is best known as a vendor that connects users to company resources via virtual desktops and they do this better than any other company and SIA is an ideal complement as it addresses the growing number of security concerns.
I follow the SD-WAN and SASE industries fairly closely but never really considered Citrix a major vendor in the space. Recently, the company updated me on their offerings, and I finished the meeting with a positive outlook on their products. SIA is a very robust, cloud-delivered security solution that gives work from home employees the same level of security as they would have in the office.
As more SaaS apps are deployed across multiple clouds and workers become increasingly distributed, it’s critical for companies to have consistent and comprehensive security. SIA protects workers from the rising number of internet threats in encrypted and unencrypted traffic. It ensures that your users are not accessing high-risk content especially from browsers and OSs known to be vulnerable, blocks malware from entering your network, allows granular control on SaaS applications, enforces data loss prevention (DLP) policies when accessing cloud services, and gives you the user-level visibility you need, all through the same console that you would use to manage other Citrix services.
SIA complements other Citrix products
The product is complemented with Citrix’s zero-trust network access solution, Citrix Service Workspace Access consolidates point solutions like VPN, single-sign-on (SSO) and reverse proxy with additional benefits of remote browser isolation (RBI). When combined with the Citrix SD-WAN, it can deliver a full SASE solution providing consistent, secure and reliable access to any location including branches, home offices or even an individual device.
While there are a number of remote access, SD-WAN and SASE solutions on the market, Citrix’s approach is a full featured SASE solution, especially from the standpoint of unification across networking different security services: SIA offers the following benefits:
- Consistent policy enforcement, regardless of location. Whether a worker is at home, in the office or on vacation, it’s critical that the same security policies be applied. This also applies to the different devices a user might have. Laptop at home or mobile phone on the road – doesn’t matter, the policies need to be the same. Citrix’s SIA is all cloud based so the policies follow the user and devices without constant reconfiguration.
- Comprehensive single security stack. More and more, security leaders are starting to understand that best in class threat protection is not achieved from best of breed everywhere. In fact, too many vendors can often create a less secure environment as it’s very difficult to keep policies up to date. Citrix SIA is built as a single stack that includes, SWG, DLP, CASB, Firewall, Malware Protection and Sandboxing ensuring consistent security policies across all users and devices.
- Broad operating system support. Most security vendors support Windows, MacOS, iOS and Android operating system but not much else. SIA has cloud connector agents for ChromeOS and Linux. ChromeOS is used for Chromebooks, which are growing in popularity and many IoT devices use Linux so these OS’s are important to support.
- Automatic security updates. SIA is auto-updated based on threat intelligence from 10+ engines. This ensures greater probability that customers are protected against latest threats.
- Sandboxing potential threats. This capability ensures that suspicious files, even though they may not have registered threat signatures, are investigated to prevent attacks.
- Improved user experience. The hub and spoke network architecture was favored for so long because it centralized security. With cloud applications now being the new normal, the ideal scenario is to enable workers to access them directly without passing through the hub. Citrix SIA protects all users with corporate class security and enables direct access to the cloud for optimized user experience.
- Network resiliency. Citrix SD-WAN integrated with SIA helps overcome internet connectivity problems for home workers with LTE and Wi-Fi enabled devices while allowing them secure direct internet access.
Businesses need to prepare for hybrid workers where users can be in the office or out of the office at any given time. Citrix SIA makes this possible without having to compromise security or application performance.
Digital businesses require network and security to converge
One last point to consider. Given digital businesses are network centric, it’s become important to ensure network and security technologies must converge.