This month marks the one-year anniversary of a massive remote work experiment. At the start of the COVID-19 pandemic, many organizations implemented remote work policies almost overnight. While this was certainly challenging, the experiment went relatively smoothly for most.
Many organizations and their employees have enjoyed the benefits of a flexible workspace, and as a result, some including Amazon, American Express and Facebook made the decision to switch to long-term remote or hybrid work environments. However, the shift to working from “anywhere” uncovered significant risks, particularly around cybersecurity.
It was understood early in the pandemic that remote work would expose vulnerabilities for those not well-equipped for the immediate switch. For instance, legacy on-prem secure web gateway appliances were never designed to support a workforce that was not in a physical office. Organizations that are planning for a more permanent shift to remote work need to take critical steps to ensure their infrastructure can support employees regardless of location. This means instituting cloud-based solutions that improve cybersecurity postures and keep their networks safe.
Security must follow the user
The first critical step in securing remote employees is to make sure security follows the user, no matter where they’re located. Employees regularly access their email and rely heavily on cloud-based productivity apps when away from their corporate networks. This means they are no longer protected by physical security appliances meant to protect the four walls of the office.
As such, organizations now require cloud-based security that follows the user and their devices. Those that allow their employees to access sensitive information without security results in an unprotected risk that positions themselves open to a multitude of threats. With remote workers and data constantly moving between multiple clouds outside of the office, the “castle and moat” strategy of creating a security stronghold meant to protect one central perimeter simply no longer makes sense.
All clouds are not created equal
While cloud-based security is a critical part of protecting company networks, not all platforms are created equal. Today’s workplaces require next-generation solutions that can deliver not only security but also provide the networking functions that were once the job of expensive, physical appliances located in the office. Known as the secure access service edge (SASE) model, this next-gen security solution helps ensure scalability, productivity, data control and protection, all while reducing costs, since it eliminates the need for physical appliances. These cutting-edge security solutions can both protect workforces from external threats while simultaneously providing networking functions in one simplified offering through the cloud.
To meet the ever-changing demands of modern workforces and ensure consistent security policies are in place regardless of a user’s location, companies should seriously consider implementing SASE architecture.
SASE + Zero Trust
In order to take the most holistic approach to cybersecurity, companies should use cloud-based solutions that combine SASE architecture with zero trust network access (ZTNA). ZTNA is a security framework that uses the assumed breach mentality, implicitly trusts no individual or device and scans everything and everyone for threats, including individuals inside the organization. These core tenets are necessary functions for securing today’s remote workforces and for helping organizations reduce the risk of data loss or breaches.
By specifically defining the resources and applications each employee can access based on date/time, geolocation or other criteria. ZTNA offers employers improved and granular visibility into what information employees are accessing while working remotely.
By implementing ZTNA protocols directly within SASE architecture, organizations also help ensure sustained productivity. Outdated security solutions still rely on hardware and require the use of a VPN–which can become bottlenecked and slow–to scan all remote internet traffic. Meanwhile, modern SASE architecture can deliver zero trust protocols directly to each cloud application, ensuring low latency and maximum productivity. As more employees access company data remotely for extended periods of time, this scalability will only become increasingly more important.
COVID-19 has accelerated digital transformation across industries, and it is unlikely that we will ever fully return to a pre-pandemic workplace. To keep up with this rapidly evolving future of work, organizations that haven’t already done so need to ensure they plot out a course to implement cloud-based security and networking solutions.
By instituting next-generation architecture and a security posture that includes SASE and ZTNA, organizations of all sizes will be better equipped to protect themselves from quickly growing and increasingly sophisticated threats and ensure productivity no matter where their employees are located.