Traditional network security fails when everyone works remote
Experts recommend we take a more holistic, stricter approach with our security. Could Zero Trust be the answer?
Security Threats are Increasing
The numbers from the Verizon Mobile Security Index 2020 Report are stunning. 39% of companies responding suffered a security compromise. That’s up from 33% in 2019, and 27% in 2018. Companies that skimped on security saw more attacks than those that didn’t. The best performing industry vertical, which was professional services, reported a 27% compromise rate.
Mobile threats aren’t the only concern either. The ISACA’s State of Cybersecurity Report 2020 shows that 92% of security professionals reported increased attacks when COVID-19 began.
The Traditional Domain Model is Failing
In most of the history of the public internet, the domain approach has been the norm for businesses of all types. Companies have typically stored their files and other resources on on-premise infrastructure within their domain. Then security rules, firewalls, and other security technologies are put in place to prevent entry from external parties. The boundary with the private network is guarded like the drawbridge of a castle.
But experts now see this as not enough. Once an attacker breaches a network, on-premise resources become vulnerable. Attacks are notoriously difficult to prevent with the legacy domain model.
The Zero Trust Network
The recommended approach today is a Zero-Trust Network, where cloud-computing is used to lower risk and ease employee access. Zero Trust considers everyone guilty until proven innocent. The fundamental difference lies in the way access is granted.
In a Zero-Trust Network, access to resources is granted real-time and on-demand each time a request is made. When a user tries to open a file, several checks are made to validate the request.
It introduces the concept of conditional access and ads the ability to perform device attestation, multifactor authentication, and geo-fencing. Further, when combined with cloud storage and SaaS apps, employees can access resources from anywhere and don’t require a VPN. With many employees now working outside of the corporate network, the domain model is less and less relevant, and a Zero-Trust Network makes more sense than ever.
Balancing Security and Employee Experience
For companies wanting to ramp up their security, virtual desktop or remote access solutions are available, but these often compromise the employee experience. Finding the right balance between endpoint security and employee experience is the challenge facing many companies as they think about the long-term implications of remote work.
In their whitepaper, titled The Six Pillars of Modern Management, workforce mobility leader Mobile Mentor outline that a Zero-Trust Network makes holistic and agile security entirely possible whilst protecting the employee experience.
The zero-trust paradigm involves a dynamic set of security polices applied to the device, the person and the data being accessed. This approach lowers risk for the company and eases access for employees. Access is granted or denied by applying conditional access rules with additional security applied to high risk scenarios
“Zero-trust assumes all devices are untrusted and cannot access company resources until proven otherwise. Guilty until proven innocent,” Mobile Mentor explains.
How zero-trust is enacted differs between companies though, with new configurations able to be made based on questions such as where employees are located or how sensitive the data at hand is.
It is an approach that is part of a wider emerging Modern Management approach to business IT – more in line with employees accessing data on the go. The need for VPNs and virtual machines is removed, which reduces risks of delays and bottlenecks in processing times.
We enable remote teams to be secure and productive. Work is an activity, not a place. We’re a Microsoft Gold partner specialising in modern work technology that enables remote teams to be secure and productive.
The term Infrastructure Modernisation rose from the expensive struggle businesses face maintaining, upgrading and scaling their digital content infrastructure requirements. This infrastructure refers to data center hardware, including all the storage servers, network devices, operating systems and middleware that allow companies to store, protect and access content. It’s usually complex, expensive to manage, a hassle to manage and update, hard to expand, and, in many cases, needs modernising.