Source: This article was first published on https://www.securityweek.com/work-anywhere-requires-work-anywhere-security
Securing today’s expanding networks often includes adding technologies to an already overburdened security environment. With organizations already struggling to manage an average of 45 security tools, and each incident requiring coordination across 19 different devices, adding new technologies to the mix may be the straw that breaks the camel’s back.
The most recent example of the rapid expansion of the network’s attack surface has been remote work. The COVID-19 pandemic accelerated the need for a work-from-anywhere (WFA) strategy. And now, as workers begin to return to the office, a hybrid approach to work has become the new status quo. According to Accenture, 83% of workers prefer a hybrid work model that allows them to work remotely between 25% and 75% of the time. And businesses are listening: 63% of high-revenue-growth companies have already enabled “productivity anywhere” workforce models.
One of the biggest security challenges of a hybrid workforce is that employees need to move seamlessly between the corporate office, their home network, and other remote locations. Applications, whether deployed in the data center, SaaS, or cloud, not only need to be available from anywhere, but user experience – and security – needs to be consistent from any location as well. Security policies and solutions need to follow users and data from anywhere to anywhere. It can be difficult to achieve that interoperability at any level, let alone seamlessly hand off policies, correlate threat information, and provide consistent enforcement end to end.
When the pandemic struck, workers suddenly needed to access critical corporate resources from their often undersecured home networks. While VPN was commonly used, access controls were often inadequate, allowing any user, device, or application to traverse that VPN tunnel to access corporate resources. And because endpoint devices and home networks were vulnerable, there has been an unprecedented increase in cyber events, such as the nearly 1100% increase in ransomware between June 2020 and July 2021.
And because those workers will now be moving back and forth between work environments, maintaining consistent security is even more challenging because solutions from different vendors don’t always work well together. One provides endpoint or EDR protection, another provides SD-WAN, a third does identity, maybe a fourth provides ZTNA. Another vendor offers SASE. There may even be different firewall vendors deployed across the data center, the branch, and on each of the cloud platforms in use. And worse, most of these tools were never designed for this level of interoperability.
Organizations need a “work-from-anywhere” approach to security, where solutions can follow and protect users, data, and applications from end to end. That means that the security on the endpoint needs to work seamlessly with access controls on the network and in the cloud. Secure SD-WAN and SASE solutions need to work with edge security and networking solutions, so security doesn’t stop at the edge of the campus, branch, data center, or cloud. Access policy engines need to consistently support and enforce zero-trust policies everywhere. And policy and threat intelligence need to span the entire network, providing consistent protection and enforcement even as the network dynamically adapts to changing workloads and business requirements.
However, creating such a cohesive and reliable solution with clear visibility and consistent control is nearly impossible. When tools aren’t designed to natively work together, IT teams are forced to bolt them together using complex workarounds. But maintaining and troubleshooting such workarounds ends up consuming a significant amount of IT overhead. In such an environment, even trivial product updates can become a logistical nightmare.
The first step is to identify a cybersecurity mesh platform and set a roadmap to consolidate as many of your independent security solutions as possible with a unified set of zero trust, endpoint, connectivity, cloud, and network security solutions. These tools should be designed to work as an integrated system, whether deployed directly on a security mesh platform or interoperating with that platform using purpose-built clients and APIs. This unified platform approach simplifies policy creation and enforcement, ensures uniform configurations, centralizes management, and enables the monitoring and control of users, devices, data, applications, and workflows end to end.
Fully integrated security, services, and threat intelligence platforms—that can be deployed anywhere, in any form factor—allow enterprise-grade protections to follow users and devices in the office, at home, or on the road to ensure productivity and security across the extended network.
Such a unified platform strategy can be applied to virtually any use case, including today’s three most common WFA scenarios—the corporate office, the home office, and the mobile worker:
Technology is only part of the solution. One new challenge many organizations face is that their licensing structure does not support a hybrid workforce, where users may be on or off the network at any given moment. Vendors need to provide unified consumption and licensing models that follow users and devices across any environment without the need to manually adjust licensing schemes.
If anything has become clear, it’s that today’s complex approach to security has about reached its limits in terms of scaling and adapting to today’s highly dynamic and rapidly expanding digital environments. In fact, Gartner just recently named the process of integrating security tools into a cybersecurity mesh architecture (CSMA) as a trend for 2022.
Security must be as agile as today’s workforce, ensuring consistent protection and optimal user experience regardless of where a user or device operates. Disparate technologies with separate management and configuration consoles bolted together with workarounds will always lead to security gaps and blind spots that cybercriminals will exploit. Competing securely in today’s digital marketplace requires an integrated cybersecurity mesh platform where every element not only works together but can be deeply integrated into the network to ensure that every change and adaptation is automatically recognized and protected.