How to stay ahead of the next cyber breach
Article by Bitglass CTO Anurag Kahol.
The fundamental shift to home and remote working over the past 12 months has caused a major headache for cybersecurity professionals. This is because many of them are accustomed to a much more controllable security surface area that office buildings and on-premise security infrastructure provide.
With so many people working from home, the corresponding surge in app usage, unmanaged devices, web traffic and accessing internal resources is making security a much trickier prospect.
This situation looks set to remain for the foreseeable future. Indeed, according to Gartner, 74% of companies don’t want their employees returning to an office. As such, cybersecurity professionals have had no choice but to adapt as efficiently as possible. The question is, how?
With workforces now dispersed over much larger geographical areas, the sheer size of a security footprint is one of the main issues to overcome. Traditional perimeters are gone, and with them, the control that they afford.
Now, users control their own devices and operating systems, making it much harder for security professionals to achieve the oversight they need. Unfortunately, user trust and the use of on-premises solutions is not enough.
While some security professionals are lamenting the loss of the security blanket that on-premises infrastructures provide, others are seizing the opportunities it has created.
After all, the sudden, urgent shift in business practices has thrust IT into the spotlight in a way that gives them more influence than ever over how businesses are run. Executive boards worldwide are clamouring to establish new remote business processes as quickly as possible, and they’re willing to provide the budget needed to achieve it.
Yet, that doesn’t mean getting it right is easy. Even with the budget and backing, any effective security solution needs to achieve the dual goal of protecting against threats and safeguarding sensitive data without impacting on business productivity or performance — not an easy feat.
In the scramble to establish productive remote working at the start of the pandemic, many were way wide of the mark. According to Mckinsey and Company, this has ‘amplified long-standing cybersecurity challenges — physical and psychological stressors that compel employees to bypass controls for the sake of getting things done.’
In short, the push for productivity has significantly compromised security. In addition, some businesses have experienced their ‘human firewall’ crumbling, to detrimental effect.
Things like exercising good email discipline and not clicking on suspicious links/attachments are fairly simple to uphold in an office environment. Still, they have seemingly now gone out the window in the name of accomplishing tasks at home.
Fortunately, organisations can follow several central tenets to achieve the best possible threat protection and data security in place without compromising on worker productivity. These are as follows:
Start by moving all on-premises deployments into the cloud, where they can be managed easily. Next, centralise policy management using technology such as cloud access security brokers (CASBs) and secure web gateways (SWGs). Finally, look to adopt a modularised and flexible approach to policy engines wherever possible.
Keeping processes as simple as possible further removes the chances of vulnerabilities going unnoticed. As mentioned above, eliminating on-premises solutions and migrating to the cloud keeps everything together, helping avoid a fragmented security environment that’s much harder to control.
Effective consolidation and simplification allow for a much more cost-effective approach. Deployments and configurations can be done in days instead of weeks and allow businesses to balance security, availability and productivity.
Finally, ensure that any new approach is suitably future-proofed for scale. Doing so means that businesses can adapt quickly and dynamically to any workload changes while eliminating any backhaul traffic bottlenecks that can impact productivity over time.
A great example is a leading healthcare provider that my company worked with recently, which had over 15,000 employees go from working on-premises to working from home, almost overnight.
Some of the key challenges included inadequate native Office 365 security, sensitive data leakage from unmanaged devices, and a lack of integrated advanced threat protection — all of which are significant security risks for the organisation.
By adopting these tenets, the organisation quickly implemented a new, readily deployable security solution that used real-time DLP to prevent data leakage on downloads and limit access from any risky, unmanaged assets.
The solution was also able to distinguish between managed and unmanaged devices and use advanced threat protection for uploads, downloads, and data-at-rest, significantly improving security at every stage of the process.
As the business world continues to adapt to the new way of working, the security mistakes of the past 12 months should no longer be repeated. Rather than taking a panicked scattergun approach, organisations must take their time and select a consolidated solution.
The principles laid out in this article offer a great starting point that can form the cornerstone of a powerful cloud-based security solution that’s truly fit for purpose, both now and in the future.