The sudden rise of the COVID-19 crisis pushed millions of people to work fully remotely, even in highly sensitive industries, such as financial services, health care and government, that had previously been unable to shift employees to location-agnostic work. This shift has fundamentally altered the future of work as organizations realize the benefits of enabling more flexible options and changing worker expectations of traditional work environments. Although the focus has been on rapidly enabling short-term remote work capabilities, the COVID-19 outbreak has accelerated the adoption of technologies such as cloud computing, bring your own device (BYOD), and the IoT, creating long-term changes in how enterprises manage network security. By analyzing trends during COVID-19, security leaders can anticipate how the future of work might change and proactively adapt their tools and operations to protect the evolving digital ecosystem.
Today’s Pain Points are Tomorrow’s Disasters
Managing endpoint security has been a growing issue for enterprises, particularly as BYOD and IoT devices have been introduced to corporate networks. As employees become remote, the number of vulnerable endpoints and potentially exposed networks they use increases exponentially, as every device connected to their home networks, such as smart doorbells, connected thermostats, and even gaming consoles, becomes a potential attack route into the enterprise. With “zero trust,” enterprises can adapt defenses to the current crisis and be prepared to manage thousands of new endpoints with varying access to corporate networks.
Endpoint risk is escalating as hackers increasingly attempt to attack every known endpoint, including through the supply chain. The FBI Internet Crime Complaint Center (IC3) noted that malicious actors have attempted to sell contaminated laptops and other devices to organizations looking to shift employees to remote work. Though work-specific laptops are an effective security measure, the urgency of the current crisis has limited the time available for vetting vendors, including third-party device rentals. Unlike phishing or BEC, already compromised devices are an easy way to slip behind perimeter defenses, particularly while networks are being reorganized to allow for expanded capacity. Zero trust mandates additional vetting of all devices before they are joined to corporate networks, reducing the risk of compromised laptops being introduced into the digital ecosystem.
Major long-term trends that have been accelerated by COVID-19, such as cloud and IoT, will continue to grow, introducing even more endpoint vulnerabilities into the enterprise and straining the traditional methods of security. Although cloud security continues to be a major concern, cloud spending continues to grow as Agile development, utility computing, and increasing accessibility take priority. Proactive security means adopting measures to secure cloud environments and taking precautions against vulnerabilities caused by misconfigurations and large data migrations.
Rethinking the Security Framework with Zero Trust
Tackling these challenges starts with a new approach to cybersecurity. Traditionally, security has been a reactive discipline, securing new platforms and responding to threats after they have appeared. But that model no longer works in a world driven by continuous innovation and evolution. This has resulted in a growing demand for zero trust, a security framework that requires continuous verification of all users, devices, and applications with access to corporate networks. Zero trust is not only adaptable enough to be applied across mobile, cloud, and IoT but also enables improved visibility and control even within secure networks. Overprivileged users are a critical issue in the rapidly growing digital ecosystem, increasing the risk of insider threats and data breaches caused by human error. With zero trust, organizations must define proper and well-maintained user, role, and application provisioning that requires active entity authentication and compliance checks to invoke conditional access, whether a user is remote or on a corporate network, if the device is personal or corporate-owned, or if the application is internal or in the cloud.
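The contrast between a perimeter model and the conditional access described above, including the pre-compromised laptop case from the previous section, can be shown as a small policy evaluator. This is an added example, not code from the article; the field names, the decision strings and the step-up rule are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AccessRequest:
    user_authenticated: bool = True      # credential verified for this session
    mfa_passed: bool = False             # second factor verified for this session
    on_corporate_network: bool = False   # remote vs. corporate network
    device_corporate_owned: bool = False # personal (BYOD) vs. corporate-owned
    device_vetted: bool = False          # passed vetting / compliance check
    app_in_cloud: bool = False           # internal vs. cloud application
    role_allows_app: bool = True         # user's role is provisioned for the app

def perimeter_decision(req: AccessRequest) -> str:
    """Legacy perimeter model: being inside the network is treated as trust."""
    if req.on_corporate_network:
        return "allow"
    return "allow" if req.user_authenticated else "deny"

def zero_trust_decision(req: AccessRequest) -> str:
    """Default deny: every request is checked, wherever it comes from."""
    if not req.user_authenticated:
        return "deny:unauthenticated"
    if not req.role_allows_app:
        return "deny:not-provisioned"
    if not req.device_vetted:
        return "deny:device-not-vetted"
    # Assumed rule: remote, personal-device or cloud access needs a second factor.
    higher_risk = (not req.on_corporate_network or req.app_in_cloud
                   or not req.device_corporate_owned)
    if higher_risk and not req.mfa_passed:
        return "step-up:mfa"
    return "allow"

# Constructed sample requests (not real data).
SAMPLES = {
    "unvetted rental laptop on office LAN": AccessRequest(
        on_corporate_network=True, device_corporate_owned=True),
    "remote BYOD, cloud app, no MFA": AccessRequest(
        device_vetted=True, app_in_cloud=True),
    "remote BYOD, cloud app, MFA done": AccessRequest(
        device_vetted=True, app_in_cloud=True, mfa_passed=True),
    "office user outside provisioned role": AccessRequest(
        on_corporate_network=True, device_corporate_owned=True,
        device_vetted=True, role_allows_app=False),
}

def compare(samples=SAMPLES):
    """Return {name: (perimeter result, zero-trust result)}."""
    return {n: (perimeter_decision(r), zero_trust_decision(r)) for n, r in samples.items()}
```

Calling `compare()` shows the perimeter model allowing all four sample requests, while the zero-trust evaluator denies the unvetted laptop and the out-of-role user even though both sit on the corporate network.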
Application proliferation, where the enterprise adds too many separate applications to manage security policies, is an acute issue during the COVID-19 crisis. The need to quickly pivot to a fully remote workforce has forced organizations to quickly deploy software for remote access, digital communication, and teleconferencing. This can result in both data leakage and security vulnerabilities, particularly as hackers race to exploit commonly used platforms, as evidenced with Zoom. Quickly adding new platforms to the enterprise network also increases the risk of human error, as workers, stressed by the crisis, are struggling to keep up with the deluge of programs. This makes them more likely to reuse passwords and increases their chances of falling for phishing schemes that impersonate known brands like Microsoft.
Long term, establishing best practices for secure user management is critical. Credentials can be traded on the dark web for years as hackers collect and repackage known logins to identify vulnerable targets. To make permanent remote work feasible, the enterprise needs mechanisms that can both limit the number of vulnerable accounts by encouraging stronger passwords and multifactor authentication and invoke adaptive security frameworks that can mitigate evolving threats. With zero trust, all entities, applications, and infrastructures are continuously authenticated and only made visible upon authorization, limiting damage if an employee or service account becomes compromised. Zero trust, combined with user and entity behavior analytics (UEBA) machine learning technologies to identify anomalies and respond to threats, helps manage the dynamic nature of increased remote access exposures.
Remote work has long been known to improve employee satisfaction and performance, but many industries have been reluctant to embrace it as security concerns persist. COVID-19 forced that shift virtually overnight, making many organizational leaders rethink their ability to accept a location-agnostic workforce. With zero trust, security teams can streamline operations to manage the increased risk that comes with remote work, centralizing network controls to a single, adaptive policy that adjusts to innovation in the workplace.