Why You Need Zero Trust Security in a Hybrid Workplace
The pandemic changed the way organizations conduct business. Primarily due to stay-at-home orders, organizations were forced or strongly encouraged to shift away from traditional in-office workforce models to a partially or fully remote model. Along with these workforce changes came new security challenges for both employees and employers.
In response to these rapid changes and their related security challenges, organizations need to put a robust and secure zero trust model in place that secures the present and future hybrid world of work.
Growth of Cyber Threats During the Pandemic
Globally, many organizations needed to shut down their in-person operations for most of 2020 and 2021. While many companies realize that this forced them to accelerate their digital transformation strategy, they may not realize how profound this shift was. According to a recent survey, the pandemic accelerated digital transformation by an average of six years.
At the same time, threat actors never stopped looking for new ways to exploit the vulnerabilities that came from this rapid shift. For example, the 2021 Cost of a Data Breach Report found that remote work and digital transformation due to the pandemic increased data breach costs. A few key findings from the report include these shocking statistics:
- The average cost of a breach at organizations with 81-100% of employees working remotely is $5.54 million
- There is a $1 million difference in data breach cost when remote work is a factor
- It takes 10.6% longer than average to identify and contain threats for companies with more than 50% of their workforce remote
Hybrid is the Future of Work
Many employees prefer remote work, and many organizations will continue to embrace the model going forward. Not only are employees happier, but they are more productive when working remotely. TANIUM's research found that nearly 65% of companies expect some or all of their workforce to remain remote indefinitely.
Happy employees work more effectively, and many enjoy working from home. According to Accenture research:
of employees identified the hybrid model as optimal in the future
of employees felt they had a better quality of life working from home
of employees like the freedom to take productive breaks
Further, research from McKinsey corroborates SoftwareONE’s research, noting that most executives support a hybrid model going forward with the following findings:
Most executives plan to have non-essential staff onsite 1-4 days/week
reported improvements in individual productivity
of executives reported improvements in team productivity
of executives reported improvements in diversity and inclusion
Companies need to create more robust security strategies to future-proof their hybrid workforces for the long term. Hybrid models may have started as a response to the pandemic, but companies now need long-term security plans in place to manage remote and hybrid work.
Zero Trust for Securing Hybrid Work
Although zero trust has been around for a while, its effectiveness for securing remote and hybrid work models makes it mission-critical for all companies. Let’s go over some of the basics behind zero trust.
What is Zero Trust?
In the past, companies approached security with a “trust but verify” mentality, meaning that users and devices could connect to networks but needed to be verified afterwards. This process worked because most users were already inside the organization’s physical location, meaning that people and devices were “trusted.”
Zero trust means that companies need to assume that all users and devices have already been compromised, requiring continuous authorization, authentication, and attestation as they connect to corporate networks.
Benefits of Zero Trust
Zero trust solves several security problems arising from remote and hybrid models. For example, by never trusting a user or device without the appropriate credentials, organizations can:
- Reinforce their Bring Your Own Device (BYOD) policies
- Mitigate credential theft, brute force, and insider threat risks
- Reduce the likelihood of lateral movement across systems and networks
- Reduce the likelihood that devices with malware or ransomware can be used as an attack vector
Challenges Implementing Zero Trust
For many companies, the benefits of implementing a zero trust strategy also come with several challenges and drawbacks. For example, the implementation process requires additional technologies to enable:
- Appropriate user authentication and authorization
- Limiting access according to the principle of least privilege
- File activity monitoring
- Endpoint security monitoring
- Data-in-transit and data-at-rest encryption
To make matters worse, Virtual Private Networks (VPNs) that can encrypt data-in-transit often slow network speeds, reducing productivity.
Best Practices for Zero Trust Implementations
Despite these challenges, companies can still implement zero trust models if they work with partners that enable them to put some best practices in place. Here’s what organizations should look for to get started:
It’s fundamental to ensure that users are who they say they are when implementing a zero trust model. Since zero trust focuses on never trusting anyone, organizations should make sure that users confirm their identity in several ways when securing their hybrid workforces.
Multi-factor authentication means that users must provide two or more of the following to gain access to networks and applications:
- Something they know (password)
- Something they have (token, smartphone)
- Something they are (face ID or fingerprint)
Many companies are adopting passwordless strategies, such as FIDO2-compliant keys. For example, companies can use Windows Hello, which enables fingerprint recognition, a unique PIN, or facial recognition through the PC’s camera.
Endpoint security monitoring enables organizations to ensure that devices connecting to their networks are not compromised. Every computer and server is a potential entry point that threat actors can use to deploy malware and ransomware attacks. Further, with employees working remotely, a single accidental click on a link or document in a phishing email can compromise a device.
Companies that implement zero trust use device attestation and endpoint security monitoring to mitigate these risks. Device attestation means that the device must meet the organization’s security requirements prior to being connected to applications and networks. Endpoint security monitoring gives these organizations a way to set baseline controls and review endpoints to ensure that they have not been compromised.
Identity and access are fundamental to your security perimeter. By limiting access, organizations can mitigate insider threat risks and make it more difficult for threat actors to access sensitive data. Additionally, it can stop employees from accessing sensitive documents that aren’t meant for their eyes.
Continuous Monitoring and Response
Even with continuous authorization, authentication, and attestation, companies still need to monitor their threat landscape continuously. Security Operations Centers (SOCs) continuously monitor an organization’s systems and networks, looking for abnormal activity that indicates a successful attack. For example, they might notice a high volume of failed login requests coming from the same account in a short time span, indicating a brute force attack attempt.
SOC teams that can detect new risks effectively and respond rapidly will reduce the amount of time threat actors spend in the organization’s environment. By reducing the time spent, SOC teams ultimately limit cybercriminals’ ability to steal data or deploy ransomware.
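The failed-login example above can be expressed as a sliding-window detection rule. The following is an added example, not part of the original article or any SoftwareONE product: the log format, the account names, and the threshold of 5 failures in 60 seconds are constructed assumptions. It goes one step beyond the text by also flagging a successful login that immediately follows a burst, since that is the event a SOC analyst would triage first.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth events (timestamp, account, outcome); not real log data.
SAMPLE_EVENTS = """\
2024-03-01T09:00:00Z alice FAIL
2024-03-01T09:00:05Z bob FAIL
2024-03-01T09:00:06Z alice FAIL
2024-03-01T09:00:11Z alice FAIL
2024-03-01T09:00:15Z alice FAIL
2024-03-01T09:00:20Z alice FAIL
2024-03-01T09:00:30Z alice SUCCESS
2024-03-01T09:10:00Z carol FAIL
2024-03-01T09:10:40Z carol FAIL
2024-03-01T09:11:20Z carol FAIL
2024-03-01T09:12:00Z carol FAIL
2024-03-01T09:12:40Z carol FAIL
""".splitlines()


def detect(lines, threshold=5, window=timedelta(seconds=60)):
    """Scan time-ordered events; return (alert_type, account, timestamp) tuples."""
    failures = defaultdict(deque)  # account -> failure timestamps inside the window
    in_burst = set()               # accounts that already raised a burst alert
    alerts = []
    for line in lines:
        raw_ts, account, outcome = line.split()
        ts = datetime.strptime(raw_ts, "%Y-%m-%dT%H:%M:%SZ")
        recent = failures[account]
        while recent and ts - recent[0] > window:  # expire failures outside the window
            recent.popleft()
        if not recent:
            in_burst.discard(account)              # burst ends once the window empties
        if outcome == "FAIL":
            recent.append(ts)
            if len(recent) >= threshold and account not in in_burst:
                in_burst.add(account)              # alert once per burst, not per failure
                alerts.append(("FAILED_LOGIN_BURST", account, ts))
        elif outcome == "SUCCESS":
            if account in in_burst:                # login succeeded right after a burst
                alerts.append(("SUCCESS_AFTER_BURST", account, ts))
            recent.clear()
            in_burst.discard(account)
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

In the sample, carol's five failures are spread over more than two minutes and never reach the threshold inside one window, which keeps occasional mistyped passwords from paging the SOC.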
Successfully Implementing Zero Trust for Securing Hybrid Workforces
A successful zero trust implementation has a lot of moving parts, and organizations need the right set of technologies and services to protect their data. With SoftwareONE’s Managed Detection and Response (MDR) solution, companies get a purpose-built threat defense security service that continuously monitors endpoint security, email security, and server security. This includes proactive search and investigation for Indicators of Compromise (IoCs). By doing this, organizations reinforce their “assume compromise” zero trust strategies, going beyond the minimum requirements to take active steps toward minimizing data breach risks.
Keep in mind that even with a zero trust approach to security, businesses are not immune from breaches. This is where strong data backup capabilities come in. Through solutions like BackupSimple powered by Metallic, organizations can stay in control of their data and maintain data integrity. BackupSimple powered by Metallic provides comprehensive and streamlined data recovery with a secure, scalable, and resilient platform that gives organizations control over data across their interconnected cloud ecosystems.
With a concrete plan and helpful technologies in place to help secure your network while preventing data loss, your organization can support a hybrid workforce with confidence.
Director, Security Practice & CISO