Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts.

How Do I Empower a Remote Workforce Without Compromising Security?

To transition to a zero-trust architecture, focus on doing the things that offer the most value.

Ash Devata, General Manager, Cisco Zero Trust and Duo Security

December 8, 2021

2 Min Read
A disc with networking diagram overlay.
Source: Kras99 via Adobe Stock

Question: How can I empower a remote workforce without compromising security or productivity? How do I begin to transition to a zero-trust architecture?

Ash Devata, general manager, Cisco Zero Trust and Duo Security: The transition to a zero-trust architecture is a multiyear journey. We recommend that organizations scope through the phases of a journey and then integrate that scope into the organization’s zero-trust architecture. Starting with a strong maturity model, first establish user trust by verifying users with strong authentication using a passwordless or biometric indicator unique to them. Second, determine device and activity visibility, verifying user devices any time a user tries to login to an application. Third, device trust should be the focus, with limited access to apps or only segments of the network with zero-trust proxies or network segmentation. Fourth, adopting a fully adaptive set of policies for workforce and workloads together is the end state.

Making the transition to a zero-trust architecture should focus on doing what offers your organization the most value. Reducing the attack surface is your main objective. As an example, you may already have multifactor authentication (MFA) for 80% of your users and require it for 60% of your apps; now you can work toward expanding that to 100% for both.

A zero-trust model can help you with a remote workforce because it doesn’t distinguish a remote employee from an employee in the office. You always do the right and same verification, regardless of where the employee resides. In this regard, it is the simplicity of the solution that is the genius behind the function.

Reducing friction for the end user at any point you can is extremely important. Going VPN-less for apps inside the environment helps keep end user friction low. This means the user can just log into a corporate application the way they log into popular consumer applications, like Facebook or Twitter. We always recommend SSO and adaptive policies to eliminate friction for users without compromising on security. And you should have SSO for all applications, passwordless, and VPN-less remote access, which is easier for the end user, reduces overall friction, and increases access.

About the Author(s)

Ash Devata

General Manager, Cisco Zero Trust and Duo Security

Ash Devata is General Manager of Cisco Zero Trust, the most comprehensive platform to secure access for any user, from any device, to any IT application or environment. Ash leads product strategy, engineering, design, and operations functions for Zero Trust products within Cisco’s broader security portfolio, including the Duo business.

Prior to taking the helm of Cisco Zero Trust, Ash led product and go-to-market strategy for Duo, where he helped it grow into a worldwide business with more than 30,000 customers. Before Duo, Ash managed the enterprise solutions portfolio at RSA.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights