The calendar is closing the loop on a second pandemic year, and while the disruption to the workforce was drastic in terms of IT security, networks, and collaboration, there have been positive outcomes as well. The need to improve remote-work security has caused teams to scramble but has also made ongoing hybrid models more effective.
One major effect of the shift to remote work was the expansion of the security perimeter, which had already been changed by the ongoing shift to cloud services. Security teams were expected to offer immediate extensions to cover masses of unmanaged endpoints.
Cisco’s survey results in the October 2021 Hybrid Work Index provide some insight into the remote work security challenges facing IT teams:
- From May 2020 to April 2021, the number of mobile devices accessing the corporate network increased by four times.
- There was an increase of virtual private network (VPN) and remote access by 1.5 times, but malicious access attempts grew even faster at 2.4 times in the same time period.
- Hybrid workers were pummeled with email threats, with a total of over 100 million landing daily.
If your team had any hesitation about whether to prioritize remote-work security, these numbers make the pressing nature of the problem clearer.
The Hybrid Work Opportunity: Companies are being tasked with creating a hybrid work environment that is flexible but also secure, allowing team members to access the network with the same level of protection no matter where they are working. While it created headaches early in the shift to remote work, the opportunity to jump ahead on security strategies has the benefit of preparing IT teams to support a digital-first strategy. Supporting a strong cyber security plan is the foundation for allowing companies to reach their potential for optimized hybrid work models.
Companies that attempt to take a patchwork approach will find that they are constantly scrambling to address unsecure connections, limited visibility and control, and compromised credentials. If they aren’t approaching the challenges with a unified solution, they will also struggle with a shortage in areas like skills, resources, and time.
Teams can implement five steps to support remote-work security and the hybrid work model:
- Build a zero trust network access (ZTNA) strategy by implementing multifactor authentication. Users should be granted only the minimum access they need to do their jobs.
- Consider a dynamic security approach like a secure access service edge (SASE) that allows for secure access to applications and maintains a secure environment no matter where users are.
- Build a culture of security, training employees on how to recognize malicious emails and other threats. Educate them on the cost of a breach and the important role they play in preventing one.
- Build first- and last-line defense with a combination of endpoint security and domain name system (DNS) that prevents both simple and advanced attacks.
- Pursue security in email practices. Shifting email to the cloud comes with additional threats, so make sure security matches the level of threat.
The shift to a hybrid work environment promotes a digital-first strategy, but it also comes with a broader set of threats. To get started building a remote-work security plan that protects your assets, contact us at Cloud Source.