Samir Desai, Director of Product Management,GTT
Over the past year, the way we work has changed. As Covid 19 restrictions are eased in some countries, it’s clear that the
option to WFH will in most cases need to be an option in order for companies to attract the best talent. Despite the call for a ‘return to the office,’ employees are still logging on from home and this is unlikely to go away anytime soon. The pandemic has caused many organisations to realise the benefits of enabling a remote and borderless workforce, including the positive impact it has on employee well-being and productivity.
Now more than ever, the onus is on organisations to ensure they’re supporting employees in the best way possible from their remote locations. To do so, enterprise networking is a vital component. Essentially, it’s down to IT managers to consider how they can manage and protect the enterprise network. It’s essential for IT teams to keep their enterprise networks and the information within them secure.
Unsurprisingly, with many employees still working from home, large organisations are reliant on secure remote access to corporate Virtual Private Networks (VPNs). To drive productivity, employees must be able to access enterprise networks with ease and go about their day-to-day work uninterrupted by network-related incidents.
However, cyber-criminals are right outside the door. Unfortunately, their methods are growing more sophisticated and enterprise networks are at risk of losing valuable data. Employees working remotely are not protected in the same way as they would be in a typical office LAN environment. This vulnerability creates opportunities for a cyber-attack. There’s no doubt cyber-criminals are aware and are taking full advantage of the situation. As a result, cyber-attack incidents have skyrocketed.
A typical home working environment can be a localised mixed-use network connecting corporate devices, vulnerable IoT applications or personal devices and shared accounts. This type of a network environment broadens the “attack surface” thus making it an easier target for cyber-criminals. The top priority for IT leaders then, is to make sure the organisation is protected and employees can work securely from their remote locations.
How can IT leaders create a strong line of defense against cyber-criminals? Let’s find out.
Keeping cyber-criminals at bay
Firstly, user awareness of safe remote working practice is critical to a secure working environment and maintaining data confidentiality. Informing employees on what they should do to keep data safe, and why they should do it, is critical to protecting remote end-users from cyberattacks. IT teams should consider sharing a handbook containing best practices, such as enabling two-factor authentication and requiring VPN login to apps and programs containing sensitive information. They should also consider defining an Acceptable Use Policy (AUP), so employees understand cyber security best practice, to avoid potential threats.
Another risk area for IT teams to think about is how to implement and manage corporate policies that govern who can access the network. A simple “one-size-fits-all” approach that gives every remote user the same level of privileged access to their network resources, regardless of whether they need it, presents potential security risks. Striking the right balance between user access management and effective, secure remote access to on-premises resources, hybrid cloud environments, and business applications using policies is key. Working with a managed service partner, who can help define and implement granular policies, can go a long way towards establishing the right, robust security posture for remote workers.
If remote working cannot be restricted to a VPN, then there’s the risk of opening services directly to the internet for hackers to exploit. Any new internet-facing application needs to be planned, understood, secured and tested before use. Enterprises should always strive to balance the need for cybersecurity against the requirement for a more accessible internet-based and cloud-centric application environment.
Consider how remote users can locally access their key applications and data with minimal latency impact using a global secure remote access platform. Flexibility in augmenting additional remote users as the need arises via a simple per-user seat commercial model should also be a consideration going forward.
Taking a “Zero Trust” based approach
Whether employees are working from home or decide to take a trip to the office, there needs to be flexibility in connecting to their enterprise networks. It’s time for enterprise ICT teams to make security infrastructure a top priority. This means adopting a “zero trust” approach. This means network access that is enabled through an identity- and context-based, logical-access boundary around an application or a set of applications rather than access protections being driven by the network perimeter itself.
With a “zero trust” approach, businesses can plan their shift to the cloud, allowing employees to access their data, regardless of where they are. Technologies such as Zero-Trust Network Access (ZTNA) technology help employees by opening up access to corporate resources based on end-user and device identity, security posture and their agreed privileges. In turn, this allows for effective access security while also giving employees their choice of devices, including Bring Your Own Device (BYOD).
Finally, the Secure Access Service Edge (SASE) framework is ideally suited to support any hybrid work model. SASE combines core network and end-user security functions with Software-Defined WAN (SD-WAN) capabilities. Typical use-cases that leverage the SASE framework are identifying mission-critical and sensitive data or malicious malware, decrypting content in real-time with continuous monitoring of risk and trust levels and authorising end-user access to SaaS or public cloud-based applications. These capabilities are, in itself, delivered and distributed through the cloud, meaning remote employees can access them anywhere, based on context and user identity. With SASE, users can quickly access what they need no matter where they are. What’s more, IT leaders can simultaneously maintain a zero-trust approach across their entire network.
Overall, with the right technology and service framework in place, organisations can ensure comprehensive security of their network whether employees are in the office, at home or even a coffee shop. With the added support of a managed service provider, employees can be protected and work efficiently.