The debate about employees working remotely has ended for the time being. Driven by the response to the COVID-19 pandemic that is threatening life and livelihood, working-from-home is the new normal. All you have to do is look at the sharp increase in the use of remote conferencing software and accompanying skyrocketing stock prices of companies such as Zoom. As society hunkers down to ride out this pandemic, companies are rushing to enable their employees to work from home, frequently leaving the security systems that kept them safe in the office behind.
The pandemic is causing tremendous emotional turmoil, and cyber criminals are having a field day. As people thirst for information and answers, crooks are exploiting and defrauding them – primarily using sophisticated email phishing campaigns, but also more advanced approaches such as weaponized Coronavirus-themed mobile apps that steal user information as they delivery pandemic updates.
How can companies avoid serving up their users to cyber crooks? Best practices include issuing company-owned and hardened devices, enforcing the use of strong passwords and multi-factor authentication (MFA), and having employees use a virtual private network (VPN) to connect to the company firewall. However, the reality for many companies is that these measures are difficult or impossible to effectively put in play:
- Companies may not have laptops, much less hardened ones, to issue to all employees. Additional devices, especially mobile ones, are expensive to buy and difficult to service and manage.
- Installing, configuring and training users on MFA can be challenging, and MFA may not be supported by the systems users are accessing. Some VPN solutions provide MFA, but only for access to internal network apps. Cloud-based apps have their own MFA controls that companies don’t control.
- What happens when users go home, connect to the VPN and access apps in the cloud? Companies are now backhauling all of that traffic to their corporate firewall for inspection, only to send it back out over the same network connection to the internet. Firewall, VPN and internet service that is sized for employees working in an office often won’t scale for a remote workforce.
As a result, many companies are faced with the unpleasant decision to either issue all employees hardened laptops and upgrade their existing firewall, VPN and internet service, or allow employees to use their personal computers (BYOD) to access internal company resources while bypassing security controls altogether for company resources in the cloud. It is easy to see how this plays right into the hands of cyber criminals who are keen to profit from this mad rush to remote work.
Fortunately, there is another option…
SASE for Secure Remote Access
The new normal, where workers are remote and apps are in the cloud, has fundamentally changed network traffic patterns, rendering existing network and security models obsolete. Traffic patterns are now inverted, forcing a change from data-center/corporate-office centric architectures to a model that pushes the security inspection and access control to the edge, where the endpoint and user are – an architecture called secure access service edge (SASE, pronounced “sassy”).
With SASE, it doesn’t matter where employees are working from (home or office), or what apps they are using (on premise or in the cloud). Why? Because users and all of their devices securely connect to a high-performance, auto-scaling security fabric in the cloud.
How can IT management pivot quickly to keep the organization running and your employees healthy and safe?
Discover why a secure access service edge (SASE) architecture is timely for shifting remote-access and remote-work requirements.
Listen to the Webcast, “Scalable Secure Remote Access for Mobile Users.”
Read the white paper, “How SASE Architecture Enables Flexible, Scalable, and Performance Remote Access for Workforces.”