The global pandemic forced many employees to work from home, and remote working is likely to become a firmly established part of the working routine for employers and employees when it ends.
A full-scale return to the office is highly unlikely. A recent survey found 90% of organisations would continue with increased levels of remote work in the future due to productivity benefits. More than half (53%) planned to make some positions permanently remote after the COVID crisis ends.
It is clear that the workforce after COVID will be hybrid, with a mix of employees who work remotely and others based in an office or a central location. But hybrid working brings its own security and networking challenges for businesses expected to support work from anywhere, any time and by anyone. This represents a huge shift from pre-pandemic days when barely a tenth of employees worked remotely and IT teams and users were prepared to put up with the performance and productivity challenges of using VPNs to access internal apps and resources.
Not so with hybrid working which requires seamless connectivity between offices and remote locations, something which VPNs cannot guarantee. This was reinforced by the survey which reported a majority of organisations (55%) had found relying on VPNs challenging during the pandemic. Not only do VPNs slow productivity and affect performance, but they also create security issues because they lack the contextual policy control, data controls or threat protection needed for users working across a wide variety of apps, devices and locations.
VPNs are not enough for hybrid working
VPNs may work as an access tool but they are not a security tool. Hybrid working relies on easy and secure access to all work data – whether cloud, web or internal applications hosted at the data centre. This requires adaptive, real-time visibility and control to protect data across all types of applications, whether cloud, web or private and on-premises apps.
In tandem with hybrid working there has been a rise in the use of hybrid devices – otherwise known as Bring Your Own Device (BYOD) clients – by remote employees. Many businesses are willing to enable BYOD for their workers but it adds another layer of security challenges. For example, how do they secure those devices against data loss or theft or prevent them from being used for unauthorised access to company data and systems?
To serve the hybrid workforce effectively, businesses need more flexible IT ecosystems which means making more use of the cloud and cloud security tools. With people working on and off-premises, the cloud can play a critical role in a mixed IT and security environment.
The right platform for a hybrid workforce
To support a secure and productive hybrid workforce, enterprises need a technology platform that scales and adapts to their changing business requirements. This requires adopting a modular approach to support hybrid workers that include integrating zero trust network access (ZTNA) for access to private or on-premises applications, a multi-mode cloud access security broker (CASB) for all types of cloud services and web security on-device to protect user privacy.
Securing corporate data on managed and BYOD devices are critical for businesses with hybrid workforces. ZTNA surmounts the challenges associated with VPN and provides greater protection. It uses the zero-trust principle of least privilege to give authorised users secure access to specific resources one at a time.
This is accomplished through identity and access management (IAM) capabilities like single sign-on (SSO) and multi-factor authentication (MFA), as well as contextual access control. Leading ZTNA solutions can provide this functionality natively as well as integrate with whatever solutions are already in place. Most of them are
delivered through the public cloud. To enhance the security of BYOD devices, ZTNA can use agentless deployment options to secure browser-based access to apps on-premise by remote personal devices.
CASB delivers data and threat protection in the cloud, on any device, anywhere. It can help prevent data leakage and threat intrusions, protect against known and unknown data leakage risks and malware threats while providing visibility and clean up after such events. Multi-mode Next-Gen CASB provides management, security and Zero-Day protection to prevent known and unknown data leakage risks and malware threats on managed and unmanaged apps, as well as on managed and unmanaged devices.
The transformation to hybrid work environments and remote devices, including personal BYOD devices, will provide the flexibility and remote access employees are looking for. But it will also bring challenges to IT and security teams. Enterprises should take the opportunity to seriously rethink their approach and secure all forms of communication among users, devices, apps or web destinations.
About the Author
Anurag Kahol, Founder and CTO of Bitglass. Anurag expedites technology direction and architecture. Anurag was director of engineering in Juniper Networks’ Security Business Unit before co-founding Bitglass. Anurag received a global education, earning an M.S. in computer science from Colorado State University, and a B.S. in computer science from the Motilal Nehru National Institute Of Technology.