The New Normal: Working from Home and Extending Perimeter Defenses

Recent events have radically changed the state of enterprise IT. As lockdown orders have gone out, employers have turned their staff into remote workforces practically overnight.

While there are many enterprises that promote remote working as a legitimate option for employees, never has it been on such a wide or urgent scale.

Organizations’ primary requirement is Secure Access to distributed corporate applications and resources – on networks and in the cloud. Since the beginning of the COVID-19 health crisis, VPN use has increased by 124 percent and will need to be expanded to provide secure connections between employees and corporate networks.

Operations teams are now scrambling to increase bandwidth and maintain performance for the significant number of employees that will now be accessing corporate apps and data remotely. With WFH predicted to usher in new digital worker flexibility, organizations will also need to reorient employee and corporate safeguards and change their concept of perimeter defenses.

Many employees will also have to learn a new kind of cyber hygiene. Remote workers may be using devices, such as home desktops or family tablets, which do not measure up to enterprise security standards, so companies will need to educate their remote workforce on how to mitigate security risks in this new reality. Employees must have a solid knowledge of the threats that face them -- from phishing attacks to the threat actors targeting them -- and what they can do to protect themselves.

The need for secure access to empower workforce mobility and productivity goes hand-in-hand with enterprise network trends such as cloud migration, SaaS, BYOD, virtualization, IoT and cybersecurity. Indeed, in 2010, the research firm Forrester wrote that traditionally “networkers have been more concerned with infrastructure than with data, more with roads than with destinations. Network professionals built yesterday’s networks at the edge, with the Internet connection, and then built inward, without regard to the placement of resources or data.”

Zero Trust aims to reverse that, increasing security at the user and device level, where vulnerabilities are most prevalent, and governing application access to only authorized users.

Enterprises are currently managing their workforce’s IT needs remotely and at scale. Those workers may not be used to remote working, or may be using and sharing personal devices. Many of these access points, public networks and devices may not be compliant with enterprise security requirements, especially when they are accessing sensitive corporate information in the cloud and data center.

Attackers are relying on it. Whatever the attack method, from phishing to malicious sites, once a device is exploited or a credential is obtained, the result can be unauthorized access to corporate apps, resources and information. Hence the new doctrine of verifying before trusting: “Zero Trust.” Zero Trust contends that any entity, wherever, whatever or whoever it is, must authenticate to a specific controller in order to be granted direct access to a specific, authorized application or resource, be it network or cloud.

Prior notions of a perimeter defense, where those within a network were considered trusted and often had broader access to internal resources, are a thing of the past as more organizations are leveraging cloud applications and resources.

Zero Trust models change the trust dynamic. Were an entity to request access to an application or resource within a Zero Trust network, it would be subject to a thorough vetting process: both the user and the device are validated and verified, one or more policies govern the application access, and all data is encrypted for each transaction.

Many of the risks that enterprises currently face involve the insecurity of their employees, their behavior and their devices: Zero Trust can take security largely out of their hands. After users and their devices are fully verified using Multi-Factor Authentication (MFA), workers can log in to access resources and applications using Single Sign-on (SSO), whether they are in the data center or cloud. Authentication is federated thanks to SSO and yields more seamless access for the remote workers. From then on, Zero Trust mechanisms will constantly authenticate the user and device throughout their access journey, shutting them down if they exhibit abnormal behavior.

This constant authentication, authorization, and validation process is not based on things like inherently weak passwords, but based on a behavioral profile of each user, their devices, and data being accessed.

Zero Trust architectures can also enable features which evaluate the security of the entity from which the request is coming. If it does not measure up to the set security policy (either pre-defined or custom), the user can be denied access and the device can be quarantined for future remediation, with or without the user’s involvement.
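The per-request vetting described above (user verified, device checked against a security policy, application access governed by policy, non-compliant devices quarantined) can be sketched as a small policy decision function. This is an added example, not code from the article or from any product; the policy layout, posture attribute names and sample requests are constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum

class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"
    QUARANTINE = "quarantine"  # deny and hold the device for remediation

@dataclass(frozen=True)
class AccessRequest:
    user: str
    mfa_verified: bool
    device_id: str
    device_posture: dict  # attributes reported by the endpoint (hypothetical names)
    app: str

# Constructed sample policy: who may use each application, and the device posture it requires.
POLICY = {
    "payroll": {"users": {"alice"}, "posture": {"disk_encrypted": True, "os_patched": True}},
    "wiki": {"users": {"alice", "bob"}, "posture": {"os_patched": True}},
}

def decide(req: AccessRequest, policy=POLICY) -> tuple[Decision, str]:
    """Evaluate one request; run again for every request, with no network-based trust."""
    rule = policy.get(req.app)
    if rule is None:
        return Decision.DENY, "no policy for application"  # default deny
    if not req.mfa_verified:
        return Decision.DENY, "user not verified with MFA"
    if req.user not in rule["users"]:
        return Decision.DENY, "user not authorized for application"
    # A missing posture attribute counts as a failure, not as compliance.
    failed = sorted(k for k, want in rule["posture"].items()
                    if req.device_posture.get(k) != want)
    if failed:
        return Decision.QUARANTINE, "device fails posture: " + ", ".join(failed)
    return Decision.ALLOW, "user, device and policy checks passed"

def evaluate_samples():
    """Run the constructed sample requests and return the decisions in order."""
    managed = {"disk_encrypted": True, "os_patched": True}
    home_tablet = {"disk_encrypted": False, "os_patched": True}
    requests = [
        AccessRequest("alice", True, "laptop-1", managed, "payroll"),
        AccessRequest("alice", True, "tablet-7", home_tablet, "payroll"),
        AccessRequest("bob", True, "laptop-2", managed, "payroll"),
        AccessRequest("bob", False, "laptop-2", managed, "wiki"),
        AccessRequest("alice", True, "tablet-7", home_tablet, "wiki"),
    ]
    return [decide(r)[0] for r in requests]

if __name__ == "__main__":
    for decision in evaluate_samples():
        print(decision.value)
```

The same user on the same home tablet is quarantined for the payroll application but allowed into the wiki, because the posture requirement is set per application rather than per network.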

This has two effects. The first is the enhanced security that comprehensive and constant authentication brings, such as a reduced attack surface and significantly reduced chances that unauthorized users access applications. The second is that the user experience is vastly simplified, which makes a user’s job easier, cuts down on the friction that so often leads employees to override security policies to get their job done faster, and leads to fewer help desk calls and reduced troubleshooting.

Enterprises are currently scrambling to give their employees the access they need to do their jobs and the security they need to do so safely. This involves seamlessly integrating new access requests with existing policies, deploying new and additional infrastructure, and continuing to meet compliance mandates and requirements. As a result, enterprise IT is undergoing a stress test.

Remote work has grown by 400 percent in the last ten years and will likely continue that trend upwards. Enterprises should be aiming for Secure Access anytime, anywhere, from any device.

The stress that enterprise networks are experiencing today offers an opportunity to implement Zero Trust. Organizations can reduce the possibility of malware penetrating the network, lessen the chance of credentials being stolen, and ensure that only authorized users access appropriate applications and data.

This leads to an increased security profile, better compliance, and reduced attack surface – all of which are beneficial no matter where your employees work.
