SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
How zero trust and SD-WANs can support productive remote working
Tue, 17th May 2022

Of all the changes caused by the global pandemic, one of the most profound is the way it has redefined connectivity.

Previously, connecting with colleagues involved gathering in a meeting room or having a casual chat in the corridor; now, many interactions are carried out virtually.

The way people connect with applications and data has also changed. For example, rather than logging into on-premises IT infrastructure via a local-area network (LAN), users now remotely access resources that could be stored anywhere from a corporate data centre to the cloud.

These changes have brought significant challenges for IT teams. They need to ensure resources are readily available but also secure.

Security in a remote-working world

Failing to achieve strong security in this new environment can have damaging consequences. A breach can wreak havoc on a company's good name and lead to significant financial losses. Attacks can also lock staff out of key systems, halting business activity and causing frustrating disruptions for customers.

Despite being such a critical factor for organisations of all sizes, and a top business priority for IT leaders, more than 70% of businesses admit they spend less than 2% of their revenues on cybersecurity. Even with more people than ever working remotely, more than half of businesses today are spending less than $1,000 on cybersecurity per employee.

A significant lack of in-house cybersecurity skills is also a major issue, especially for smaller organisations. More than 76% of businesses are understaffed in cybersecurity, and when the average IT team member only stays for three years or less, retaining the necessary skills base is challenging.

Disconnected tools 

Industry research also shows that the average midsize business uses four or more tools for vulnerability management, and 79% of IT decision-makers admit that it takes more than 48 hours to close a vulnerability once it's been identified.

Security tools that cannot integrate with one another do not share the context and analytics needed to identify indicators of compromise. Each security product requires its own management, training, support, and operations processes, which are often handled by separate teams.

The business benefits of zero trust

Traditional VPNs, in isolation, assume that anything that connects through a network gateway can be trusted. While this approach provides a secure connection and adds a layer of security to less secure protocols and services, it also opens an organisation to attacks that exploit remote users and devices. It only takes one compromised password or endpoint device, and suddenly that same VPN connection becomes an entry point for cybercriminals.

First discussed back in 2010, the strategy of Zero Trust eliminates this risk by taking a 'never trust, always verify' approach to providing access to users, devices, and applications. Zero-Trust network access establishes policies around user access according to the role of the employee and the security status of their endpoint, and rests on three key principles:

  • Always know who and what is connecting:

Cybercriminals use a variety of techniques to steal usernames and passwords. Phishing, spear phishing, and social engineering are common, and stolen credentials are for sale on the dark web. Passwords aren't good enough anymore. If it's worth protecting, it requires multi-factor authentication.

  • Limit access to business-critical systems based on well-defined permissions:

Zero Trust allows security teams to centrally manage access across all common IT systems and limit access to only specific users, devices, and applications. Access decisions happen in real-time based on the policies defined by the business and the access request context.

  • Monitor the health and security of the network and endpoints:

With employees stuck at home, the chances are high that they will also use company laptops for personal web surfing and email checking. Staying on top of threats requires persistent, advanced security that goes beyond traditional endpoint antivirus software.

The role of SD-WANs

Before the pandemic, IT teams designed their networks to accommodate the increasing use of cloud-based applications and platforms. Software-defined wide-area networks (SD-WANs) helped improve worker productivity by providing fast and direct links to resources.

While cloud applications continue to grow and more organisations embrace a zero-trust strategy, businesses are grappling with how to architect networks to suit remote workers. Many cloud-first architectures are designed so that everything must pass through the network perimeter and then leave it.

Regardless of their location, users must still interact with the corporate network, often using inefficient technology, to get back to the outside world. This creates significant challenges in terms of service availability, performance, and user productivity.

The combination of zero trust and SD-WANs can help to address this situation. Users and infrastructure can be made secure while performance and productivity are enhanced.