The essential shift to remote work meant many companies emphasized connectivity first and security second. Now, organizations globally are struggling to determine what longer-term distributed work will look like and how they will operate. Most companies are accepting that this could be permanent – in fact, a report from Pulse Secure found that 84% of US organizations expect a broader and more persistent remote work adoption after the coronavirus pandemic passes.
However, adopting remote-first work policies comes with security challenges for tech leaders. Some studies have shown that remote employees are less likely to follow security best practices — for example, a report by Malwarebytes showcasing security in today's work from home environment found 18% of respondents said cybersecurity was not a priority. And in a report commissioned by (ISC)², nearly one fourth (23%) of infosec professionals said that cybersecurity incidents experienced by their organization have increased since transitioning to remote work.
To address this concern, security needs to be a priority. Here are the security strategies to keep in mind when transitioning from pandemic to permanent remote infrastructure and how to ensure your team is set up for success.
Adopt a Zero-Trust Approach
Zero trust is a well known security concept centered on the belief that organizations should plan their defenses by not trusting anything or anyone, both inside and outside of the network perimeter. With more employees working remotely long-term, a zero-trust approach is necessary to protect users, workloads, and applications that are distributed around the globe.
To begin your zero-trust journey, it's important to consider the following strategies:
- Address user identity and establish context. Beefing up your identity and access management (IAM) strategy with unified account management and multi-factor authentication (MFA) are critical components to building a context-aware architecture for your organization.
- Leverage visibility tools to classify data and applications. This involves taking note of how your data is labeled, and how sensitive data flows through your network. This step is critical to understand what good network traffic looks like in order to write zero-trust policies.
- Prioritize in-use applications versus legacy. Consider starting with data/applications that the IT teams use regularly and understand well, versus legacy applications that may not be well documented or communicating with other services in unclear ways. This will act as a way of testing a hypothesis to understand how to apply zero-trust policies over time.
Expand Beyond VPN Security
The abrupt shift to remote work led to a massive spike in employees using virtual private networks (VPN) to remotely connect to company networks. Home users and endpoints are a popular target for malware infections (phishing, malicious websites, etc.), so VPN security has been a major topic of recent conversations.
A traditional VPN is typically a binary control that allows users access to an internal network once a user is authenticated. However, traditional VPN is not granular enough to meet the needs of today's workplace. If a device falls into the wrong hands, all bets are off. While security/IT teams have taken a more binary approach in the past (user allowed versus not allowed), to adapt to a WFH environment, organizations should adopt a Zero-Trust Network Access (ZTNA) model, which takes into account context, such as the user's role, device and location when assigning access privileges, to enforce stronger security protocols. Many companies are already seeing the value of ZTNA compared to VPN. Gartner predicts that by 2023, 60% of enterprises will phase out traditional VPNs and use a ZTNA model.
Invest in 'Security Operations'
Just like an annual physical at the doctor's office can help address severe issues before they become worse, regular monitoring of the security health of an organization's resources (from apps to networks and data) will help identify issues and strengthen the overall security posture long-term. What's more, a holistic view of your health issues allows a physician to deliver more effective care to meet your needs. Similarly, an end-to-end view of your organizational systems eliminates siloes and allows more effective visibility into security needs. With remote teams leaving companies more vulnerable, organizations should invest in dedicated teams and tools that will continuously monitor their security health within a platform that allows holistic visibility, like hyper-converged infrastructure.
Ultimately, strong security measures begin with a robust infrastructure foundation that provides a defense-in-depth approach to security. Defense should be woven into every level, from platform security, to application and network security, to multi-cloud security. In today's traditional environment, infrastructure stacks are composed of products from multiple vendors, and validating a security baseline can be a time-consuming and error-prone manual process.
Hyperconverged infrastructure (HCI) reduces the complexity and increases visibility by simplifying the hardware and software stack required to deliver the performance and reliability needed for modern applications. An additional benefit of removing complexity with HCI is that with fewer operational silos, the application of security best practices are also simplified.
To make the greatest impact, also consider network monitoring tools with anomaly detection. Instead of just looking at endpoints, perimeters, and firewalls for threats, anomaly detection looks at the entire network to uncover these possible issues. This approach gives security teams constant tracking and the ability to automate the process of identifying unconventional data patterns, for example, ones that may indicate a threat. Taking a proactive approach to your security health means auditing existing resources and infrastructure, identifying systems that do not meet best practices, and ultimately, leveraging solutions to help you catch potential threats.
COVID-19 has not only changed the work environment today, but it has also impacted the way organizations are thinking about work from home – with more than half (55%) of executives surveyed by PwC claiming they will offer flexible workweeks with remote work options. As companies come to terms with the likelihood of a permanent distributed workforce, the need to secure remote-work environments becomes paramount. To reduce the security risks associated with remote work over the long term, organizations should consider adopting these security steps.