In 2019, most businesses still operated in a traditional way. The majority of the workforce was in the office five days a week, which meant cybersecurity strategies were more concentrated.
“Perimeter security” was an effective way to protect data. It meant that anyone inside the network was considered a trusted source, whilst anyone outside of the network would struggle to gain access.
The pandemic has changed this. Remote working means data is now moving across various networks, third-party cloud environments and devices – there simply isn’t a physical perimeter anymore. And as organisations prioritised productivity over security to keep operations going, cybercriminals took advantage - something that is evident from the rise of ransomware attacks.
It is now time to move away from a campus-style approach, analyse the tools we’re using and modify our security models to build in the right layers of protection.
The rise of shadow IT
The move to hybrid working has also caused a rise in shadow IT and employees using their own devices. According to a report by Trend Micro, 39% of employees regularly use personal devices to access company data.[1] This is okay as long as you have the right controls and policies in place. As with anything, you need to understand what you’re protecting in order to protect it.
You need to know what devices, apps and software are being used. If employees are using different software or devices, ask them why and ensure you offer them a safe alternative – it’s key to give an anonymous way of telling you so that you get the full picture. Giving them the tools they need means they won’t need to find a makeshift solution.
You also need to understand what kind of data they’re storing and sharing on these devices and create an asset inventory. Tools like Microsoft’s Active Directory can help you organise your IT into a more manageable structure and our security partner, Lookout Mobile, can help businesses get on top of their mobility footprint.
Another way to bolster security is to use new techniques such as a zero trust architecture. But what is zero trust and how can it help protect your business?
Never trust, always verify
The clue is in the name. Zero trust treats every user, device, application and piece of data as a threat – something not to be trusted. As such, all users have to authenticate themselves and receive validation and authorisation, before being given access, whether they are in the office or working remotely.
Think of it like boarding a flight. You may be able to enter the airport but there are various check-in points before you’re able to get on the plane. And to stay with this analogy, in the same way passengers are encouraged to report anything suspicious, such as unmanned luggage, employees are encouraged to do the same when it comes to cybersecurity.
A further benefit of the zero trust model is that you can also isolate data access to unique roles, making security a person-by-person experience based on the individual’s risk profile. For example, why give someone access to an entire folder on SharePoint when they only need access to one file?
This doesn’t mean that you don’t trust your employees. On the contrary, it takes the burden of keeping data and assets secure away from them. After all, security is as much about people as it is about the technology they’re using and they should be central to your cybersecurity approach.
Building a hybrid response plan
Part of creating an effective hybrid security model involves making sure your employees know what to do if they spot suspicious behaviour or think their connection, device or data has been compromised.
In this scenario, your workforce needs to know what action to take and who to contact. In a remote environment, there might not be access to the IT infrastructure and therefore your internal remote desktop service, so it is important to have other ways of communicating, such as having a hotline for employees to ring.
Working with an external company that specialises in cybersecurity can help make sure you have the right detection and response set up for this new way of working, particularly as this landscape continues to change and emerging technologies bring with them new challenges.
An agile framework
Long-term, as more users work remotely and more traffic is travelling via public clouds instead of the enterprise data centre, it’s important that your cybersecurity and networks are working together.
Solutions such as software-defined networks and SASE are increasingly popular because of their ability to help orchestrate and manage a variety of security services, such as cloud-based security, advanced threat protection, endpoint security, firewalling, and zero trust.
Rather than relying on a set of separate security components, a unified solution can give central visibility and an agile framework that supports our dynamic and evolving digital infrastructures and embraces innovation and growth.
Learn more about how to improve your cybersecurity and create a more resilient business.
