In the past year, organisations are realising the benefits of enabling a remote and borderless workforce, including the positive impact it has on employee well-being and productivity.
Now, organisations are focusing on how they can support their employees to work effectively and more efficiently from their remote locations. What every IT manager is currently concerned about is how they can manage and protect the enterprise network. Over the years, most IT teams have ensured their enterprise networks and the information within them are secure. With workforces logging on from remote locations, large organisations are turning towards Virtual Private Network technologies to ensure employees can continue accessing enterprise networks, even when they’re not in the offices.
Unfortunately, cybercriminals do not rest either. Cybercriminals will continue to use new and sophisticated methods to gain access to enterprise networks and valuable data. Employees working remotely are not protected in the same way as they would be in a typical office LAN environment., Cybercriminals are aware and are taking full advantage of the situation. As a result, cyberattack incidents have reached record levels.
A typical home working environment can be a localised mixed-use network connecting corporate devices, vulnerable IoT applications or personal devices and shared accounts. This type of a network environment broadens the “attack surface” thus making it an easier target for cybercriminals. The top priority for IT leaders then, is to make sure the organisation is protected and employees can work securely from their remote locations.
So, what tactics can IT leaders implement to ensure everyone in the organisation is protected from these cybercriminals?
Protecting employees from cybercriminals
Firstly, user awareness of safe remote working practice is critical to a secure working environment and maintaining data confidentiality. Informing employees on what they should do to keep data safe, and why they should do it, is critical to protecting remote end-users from cyberattacks. IT teams should consider sharing a handbook containing best practices, such as enabling two-factor authentication and requiring VPN login to apps and programs containing sensitive information. They should also consider defining an Acceptable Use Policy (AUP), so employees understand cyber security best-practice, to avoid potential threats.
Another risk area for IT teams to think about is how to implement and manage corporate policies that govern who can access the network. A simple “one-size-fits-all” approach that gives every remote user the same level of privileged access to their network resources, regardless of whether they need it, presents potential security risks. Striking the right balance between user access management and effective, secure remote access to on-premises resources, hybrid cloud environments, and business applications using policies is key. Working with a managed service partner, who can help define and implement granular policies, can go a long way towards establishing the right, robust security posture for remote workers.
If remote working cannot be restricted to a VPN, then there’s the risk of opening services directly to the internet for hackers to exploit. Any new internet-facing application needs to be planned, understood, secured and tested before use. Enterprises should always strive to balance the need for cybersecurity against the requirement for a more accessible internet-based and cloud-centric application environment.
Consider how remote users can locally access their key applications and data with minimal latency impact using a globalised secure remote access platform. Flexibility in augmenting additional remote users as the need arises via a simple per-user seat commercial model should also be a consideration going forward.
What the future looks like – with the remote end-user in mind
Remote end-users need flexibility in connecting to their enterprise networks, usually regardless of their work locations. Enterprise ICT teams should take control of their connectivity and security infrastructure and ensure that this supports safe remote working. IT teams must shift their focus to the latest security techniques based on “zero trust” whereby network access that is enabled through an identity- and context-based, logical-access boundary around an application or set of applications rather than access protections being driven by the network perimeter itself.
Taking a “zero trust” approach enables businesses to plan their shifts to the cloud, so that employees can access their data, wherever they are. Zero-Trust Network Access (ZTNA) technology grants remote workers access to corporate resources based on end-user and device identity, security posture and their agreed privileges. This allows for effective access security while also giving users their choice of devices, including Bring Your Own Device (BYOD), and applications.
Finally, Secure Access Service Edge (SASE) networking takes remote working one step further. SASE treats the enterprise as a distributed network of endpoint connections. Users can access their resources quickly and efficiently, no matter where they are. At the same time, IT leaders can still maintain a zero-trust approach across their entire network. Networking environments like SD-WAN can seamlessly integrate SASE functionality, contributing the additional business benefit of greater efficiency.
Working with a managed service provider with capabilities across both the networking and security environments means they can support and address the needs of the remote worker and manage security across this new enterprise networking environment.
Author: Samir Desai, Director of Product Management at GTT