Almost two years ago employees packed up their laptops and headed home to work from their kitchens or bedrooms for what they thought was just two weeks. Since then, security teams across the globe have been dealing with the repercussions that have come with their workforce working from home. And with recent Gartner data revealing that nearly half (47%) of business leaders intend to allow employees to work remotely full time going forward, it’s clear that remote work is here to stay as well as the security risks (and costs) that come with it.
While work from home has plenty of benefits for employees, one very large disadvantage many organizations are facing is the increased number of employees working from personal or shared devices or unsecured networks. By doing so, many employees are unknowingly exposing their organizations to a plethora of potential cyber threats and ransomware attacks. A recent study from theIdentity Theft Resource Center found that there was a 17% increase in publicly reported data compromises from 2020 through September 30, 2021. We can attribute most of these breaches to the increase in people working from home and the increased holes poked into organizations’ defenses. As organizations’ cyber experts continue to manage remote work challenges in 2022 and beyond, one thing is clear: the concept of securing a perimeter is antiquated and it’s time to embrace something new.
Step One: Implement Zero-Trust Architecture
Work from home has become work from anywhere, essentially making companies borderless. Prior to lockdowns, organizations were easily able to track cyber threats and protect their employees’ devices, as they were almost all working from the same, secured network. Now, employees are working from their homes, cafes, on the road and in the office. Because of this, CISOs need to think strategically and implement borderless security based on a zero-trust architecture.
Zero-trust architecture, or ZTA, is a perimeter-less security system that is becoming an increasingly popular option for many organizations as it is one of the only ways to properly secure remote work environments. Even though it has been a security option for almost a decade, the past year has proven just how necessary this type of architecture is to fully secure one’s enterprise.
Zero trust’s initial focus was to apply tighter controls for each network segment and resource endpoints. Or, to compare it to the physical building metaphor, putting a security guard at every door, hallway, and elevator—and even at each office entry. But despite zero trust’s network origins, it’s important to point out that today these same concepts have moved up the stack to the services and applications layer. This approach means that IT can use zero trust methodologies to control responses to access their protected resources directly.
Step Two: Redesign Your Security Controls
As part of implementing a zero-trust framework, the next step CISOs must take is to redesign their security controls and identity and access management policies to reflect the shift to ZTA. Upgrading to continuous authentication provides the foundational level of intelligence (advanced user context) and controls needed to power adaptive access management. Continuous authentication applies the same types of risk assessment as basic risk-based authentication but remains active throughout the session. This holistic approach to access management defends against both outsiders, whose favorite tools are compromised credentials (phished or hacked) and man-in-the-middle attacks, as well as insiders who abuse their granted rights or who take advantage of a shared credential to gain unapproved access. For business continuity, organizations must enable access of mission-critical assets to employees wherever they are located. But for security purposes, CISOs and their departments need to have full visibility as to what devices are being used and on what networks.
For this to happen, employees must agree to these new policies while using their personal devices for work or while using work devices for non-work-related activities. While this may be a difficult and tedious task, it’s the only way for borderless systems to be secure.
The line between work and home has permanently been blurred due to the remote work model. Over half (54%) of employees admit to using a work device for personal use, according to a report from Opinium Research from early this year. While employers can’t control their workforces’ every move on or off the clock, it is essential to the security of the enterprise to gain insights as to what activities are being done on work devices and how these activities can expose organizations to ransomware or cyberthreats. Each day, the enterprise is expanding with more and more endpoints beyond any border CISOs previously had and understanding where they are can save businesses from future attacks.
As we enter another year into the pandemic, companies across the globe have yet again had to change their business models in order to survive. In 2020, it was to quickly adopt a remote work model, no matter what the cost. No one could have imagined the potential scale of cyberattacks that occurred to mission-critical systems –from private enterprises to government organizations –because of this sudden change in work style. But companies couldn’t focus their attention on security as they needed to stay afloat financially and prove their business model could survive a pandemic. By 2021, we realized the mistakes we made, while inevitable, from shifting quickly to a remote model with no action plan. This was the year that organizations had time to take a step back, understand why cyber threats were happening at such an exaggerated rate, and take the next steps to solve these problems. 2021 was much more about resolving cyberattacks versus being able to prevent them. Now, 2022 is the year to implement changes to prevent future attacks from even happening. A zero-trust architecture can (and will) help CISOs across different industries to better protect their companies and focus on new problems, innovations and challenges beyond cybersecurity.
About the Author: Stan Wisseman is Chief Security Strategist for North America with CyberRes, a Micro Focus line of business. In the information security field for over 30 years, Stan has applied security best practices to operating systems, networks, systems, software, and organizations. Before his current position, Stan served as the Chief Information Security Officer for Fannie Mae. He has also worked in various roles for the NSA, Oracle, Cable & Wireless, Cigital, and Booz