July 19, 2022

Developing a hybrid workforce supported by cloud-native security 

Let’s not beat the hybrid workplace drum any more than it already has been. An early 2022 study from Smart Company found that just under a quarter of Australian workers are now commuting to work five days a week, about the same number are working remotely full-time, and the rest are splitting their time between days in the office and working remotely [1]. It’s here. To stay.

Let’s talk about how to secure this hybrid workforce effectively when the perimeter is no longer defined by infrastructure and data centre boundaries but by people, i.e. your people are the new perimeter, wherever they are and on whatever devices they are using. That’s a whole new challenge, and legacy corporate network and security models don’t cope – whereas cloud-native security will.

The evolution of cloud security 

When this all started (aka the reactionary phase) organisations were scrambling to enable and secure remote access for employees and there were lots of challenges such as: 

  • Getting everyone connected – not just to cloud, but the data centre too 
  • Employees on multiple devices (personal or company) expecting to be able to use them to work from anywhere 
  • Applications had become predominantly cloud-based 
  • The need for low-latency connectivity between endpoints and cloud applications. 

Early solutions still relied on VPNs routing user traffic back through the data centre so that corporate security policies could be applied, but this is slow and costly. Remote workers also posed a greater security risk than on-site workers [2] through phishing attacks, password sharing and lack of software patching on personal devices – along with the sheer volume of both threats and remote workers. IT teams went from managing a few corporate networks to worrying about everyone’s home networks too.

 

The ACSC Annual Cyber Threat Report [3] for the 2020-21 financial year showed that cybercrime reported during this period was 13 per cent up from the previous year – reflecting the report of a cyberattack every 8 minutes. A summary of these key threats and trends includes:

  • Malicious actors exploited the coronavirus pandemic environment by targeting Australians’ desire for digitally accessible information or services. 
  • Approximately one quarter of cyber incidents reported to the ACSC during the reporting period were associated with Australia’s critical infrastructure or essential services. 
  • There was a 15 per cent increase in ransomware cybercrime. 
  • Supply chains continued to be targeted by malicious actors as a means to gain access to a vendor’s customers. 
  • The average loss per successful business email compromise (BEC) event has increased to more than $50,600 (AUD) – over 1.5x higher than the previous financial year. 
  • Remote workers caused a security breach in 20% of organisations surveyed [2]. 
  • A 2021 US report homed in on the top threats caused by having remote workers as phishing (62%), endpoint network attacks (employee devices and edge devices) (49%) and malware (39%) [3]. 
  • Of the employees caught by a phishing scam when working from home, 47% cited distraction as the reason [5]. 

With humans as the new perimeter – and the massively increased need to secure devices at the edge – conditions were ripe for a concept like SASE to really take off. However, in that simple sentence, there is a catch. SASE is a framework or architecture, not a solution. It absolutely makes sense, but it doesn’t solve your problem. What will solve your problem is the right combination of SD-WAN, Secure Web Gateway, CASB, Firewall as a Service and Zero Trust Network Access solutions that together effectively constitute a SASE architecture. It is a framework designed to assign each user a profile with access privileges to the cloud and access edge – effectively cloud-native security. These privileges can be enforced regardless of where your employees are, or what device or network access medium they’re using – and that’s the problem you’re trying to solve.

Haven’t we already done cloud security? 

Most organisations have had some experience with cloud-based security, but in our experience, it hasn’t gone far enough. Just shifting network management tools (with their built-in security controls) to the cloud doesn’t constitute cloud-native security. You’re still left with gaps. Also, even if an organisation had deployed the tools listed above, they were often from different vendors with very little integration or information sharing between them, which again limits their effectiveness. 

Even if you have very limited numbers of remote workers, shifting to cloud-native security is imperative as legacy corporate network models become obsolete. These tools are still just as effective when your employees are in the office or remote, so you can utilise a single security framework while catering for multiple scenarios. This framework also becomes a platform for change, enabling organisations to develop and deliver new services and capabilities for their staff, their suppliers and their customers, knowing they have an agile, comprehensive security framework that can be applied. 

Visibility over apps and users 

Remote workers using personal devices present a massive shadow IT risk – it’s too easy to find an app to help share data and files, communicate with other remote team members, or fill any other need in your day-to-day work experience. This, in turn, leads to an even bigger problem: the security of your data. Controlling the movement, storage and use of data becomes an enormous challenge not just for your information security, but also for internal and external compliance. As you can’t stop what you don’t see, visibility is incredibly important, with additional controls such as DLP at the data layer. The right cloud-native security platform provides visibility and observability across your entire security infrastructure by automatically identifying devices, as well as leveraging analytics, dashboards, workflow automation, and that critical integration with third-party apps – all from a single pane of glass.

Reducing complexity 

A cyber security mantra that we live by at Data#3 is that complexity is the enemy. Layers and layers of point solutions from different vendors that secure specific vulnerabilities all greatly increase the complexity of an environment, and cloud-native security solutions aren’t immune either. Simplifying your environment doesn’t mean making it less secure. When we talk about simplification, we look at the amount of integration and communication between your solutions, which often means bringing together solutions from a single vendor.

Vendors such as Cisco have made great strides in this regard with tight integration between tools like Cisco Umbrella, Cisco Secure Endpoint, Duo and Talos, and we expect this trend to continue across other vendors and even between vendors in some cases. Simplifying your environment whilst maintaining high levels of security brings enormous benefits, like helping to address the cyber security skills shortage by reducing the breadth of knowledge required to support and maintain your environment.

You obviously can’t simplify your environment or implement cloud-native security overnight, but with Data#3’s dedicated security practice, we can help you secure your digital future by developing a transition plan based on your environment and the specific security challenges you face. 

For more information visit www.data3.com/security. 

Reach out to our security team today about designing, implementing and maintaining superior security.