Building a Resilient Cybersecurity Architecture in the Remote Worker Era
"Out of adversity comes opportunity." - Benjamin Franklin
COVID-19 has been a force to be reckoned with. That's not just because of the number of people infected, the complications with treatment and vaccination distribution, or the cost to the global economy, but also because COVID-19 has compelled us to challenge "normal."
For many enterprises, business continuity planning mostly entailed simulations of a few sites, WAN links or a couple of data centers going down. Unfortunately, most enterprises were not ready to deal with something on the scale of COVID-19. We'd be kidding ourselves if we believe there won't be another situation where we're pushed outside of our comfort zone.
Today, we are working with organizations to reassess their priorities, processes and investments. The four areas I've identified below are universal across industries and regions, and addressing them provides the agility and resiliency necessary to succeed in our current, ever-changing environment.
The need for speed
Agility is imperative, not just a nice-to-have. Situations such as this prove it. Unfortunately, this is not how we designed our infrastructure and networks. We made big investments in iron stacks that sat in our data centers for half a dozen years.
It was expected that any increments to that deployment would take months. Today, your infrastructure needs to be elastic — responding to changes in demand in days, ideally minutes. Traditional appliance-based networking and security technologies were simply not designed for this elasticity.
User experience is crucial
Many forward-thinking organizations had already successfully engineered flexibility into their end-user solutions, but these were typically restricted to specific groups of end users. The real challenge, especially for our customer base, was extending this flexibility across all applicable use cases.
When more and more user groups were forced to work from home, many end users' digital experiences diminished significantly. An increasing number of organizations are turning to Digital Experience Monitoring (DEM), a tool that lets organizations know how effective their services and applications are.
Your employees need the same level of unencumbered access to applications and security regardless of where their workstation is. We are helping organizations define their security architecture from an end-user experience perspective rather than the historical security-first focus to create a better experience for the entire workforce.
Danger never sleeps
Cybercriminals know there are many users working from home who are usually at a branch office behind a corporate security perimeter. You need a security infrastructure that keeps all your users protected against the latest threats, no matter where your users are. All traffic, including encrypted apps, must be inspected. All users, including third-party contractors, must be given just the level of access needed for them to be productive, without opening them up as attack vectors to the rest of the network.
The impact of the cloud
There's no doubting the economic and social impact of the COVID-19 outbreak. But it's important to step back, look at what worked and what didn't and then repeat the successes. In talking to customers that got through this, I've noticed one commonality. Those that were most closely aligned with cloud-native architectures were the quickest to cope and faced minimum disruption.
Alex Phillips, CIO at National Oilwell Varco, mentioned that his organization noticed a 4.5x increase in user connections over a 16-day period, and it fared just fine. It was on the Zscaler cloud-native platform (if you've not heard of Zscaler, it offers the world's largest cloud security platform as a service). This isn't an isolated incident.
I've witnessed many similar stories wherein organizations replaced traditional VPN technologies with Zscaler Private Access to improve application load times and eliminate the need for hardware patching and maintenance.
Not every organization can jump fully into the cloud. Many organizations have virtualized or will virtualize apps, and will virtualize more of their end users' desktops and laptops. We're helping organizations get there at their own pace; some industries move slower than others because of regulatory oversight (banks, insurance, healthcare orgs).
As we help organizations move their apps to their cloud, we keep security top of mind. We've outlined some key security architecture considerations when migrating applications.
- Every user must be protected by the full security stack no matter where they're physically located. That said, the experience must be frictionless. For this, each user must be connected to the cloud apps via the shortest path possible.
- Not every user needs access to every application. Give them just the access they need, nothing more. This way, you're minimizing the opportunity for lateral movement in case a device does get infected. Gartner's zero trust network access model helps achieve this. In addition, Gartner also says, "the secure access service edge (SASE) is an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS, and ZTNA) to support the dynamic secure access needs of digital enterprises."
- What is your operational risk? How are new employees on and offboarded, particularly remotely? The entitlements management and IAM architecture should integrate consistently across cloud solutions with enterprise architecture, allowing visibility, review and enforcement for all applications.
- Threats are increasingly hidden within TLS-encrypted traffic. Hence, all TLS traffic must be inspected. But if your security appliances will bottleneck performance as encrypted traffic continues to increase, you'll have a lot of unhappy users.
- Shipping, configuring, deploying and troubleshooting appliances are things of the past. If it takes anything more than lightweight software installation to get your remote users securely connected, you're looking in the wrong direction.
- No one vendor does it all. But they should all work together seamlessly. For instance, your SD-WAN vendor must be able to automate tunnels into your cloud security provider, who must allow conditional access to devices depending on whether the endpoints are secured. You get the point — for you to be truly agile, your infrastructure must be elastic, but everything must also work together so your life remains easy.
- End user architecture should align with security architecture. This is especially important for organizations that applied tactical approaches resulting in high numbers of additional devices, multiple collaboration tools and other new tech investments to enable their remote workforces quickly.
Where do I go from here?
The impacts of COVID-19 aren't entirely in our control. However, what we learn from it is fully in our control. As you rethink your security architecture, the WWT team and our trusted partners, such as Zscaler, Cisco, Palo Alto, F5, Fortinet, AppDynamics and VMware, are here to help.
WWT uses a proven and innovative approach to help our customers discover, evaluate, architect and implement a secure cloud transformation with SASE. We take a holistic approach to security rather than focusing on point solutions and adding another tool. This helps us align business goals and objectives to technical solutions, providing more effective outcomes and solutions that further the development of an enterprise architecture.
Learn more about how we can integrate and deploy solutions to help you reduce vulnerabilities, which can set the stage for future innovation. Request a workshop to start the conversation today.