The New Security Demands Of Our Hybrid Working Future 

For technology leaders around the world, one of the silver linings of the pandemic was that it acted as an accelerant for digital transformation. While the disruption was mercifully temporary, some of the coping mechanisms deployed by businesses to get through it are likely to persist as we emerge into a post-pandemic landscape.

One of those mechanisms is hybrid working, which has now had the chance to prove its worth in the biggest remote working experiment in history. According to Statista, more than two-thirds of business leaders are now planning to reconfigure their office space to accommodate hybrid working permanently, and 73% of employees say they want flexible, remote work options to stay as a condition of their employment. The imperative is there, and businesses are already making adjustments to their physical and digital infrastructure, but what about security? 

Network Security In The New Normal

The shift to remote networking over the course of the past 24 months has been nothing short of profound. Nonetheless, the rapid move to remote-enabled working has been driven by necessity rather than natural innovation within the market, and that means some businesses are not adequately prepared in terms of their security setup. Remote user access has become the new normal, offering greater agility and arguably better productivity, but that means legacy security solutions like static firewalls and basic VPNs (virtual private networks) are no longer fit for purpose.

Organizations are now “hyper distributed”, with applications everywhere and networks branching off in all directions.

Some may have embraced SD-WAN (software-defined wide area networking) as a means of efficiently routing traffic and increasing the QoE (quality of experience) for users, but even SD-WAN on its own has security limitations that need to be separately addressed. 

Given the sheer pace of change, it is understandable that businesses would prioritize productivity over network security in the short term, but that short-term fix is now blending into a long-term solution, and businesses need to re-evaluate their security as a result. Traditionally, a patchwork approach to security has led to a disparate array of siloed solutions, from email and browser security, right through to WAAP (web app and API protection), firewall-as-a-service, remote-access VPNs, and more. The challenge now is to consolidate these multiple product points in a unified and cohesive security package, and that’s where SASE comes in. 

The Continued Rise Of SASE Network Security

Secure Access Service Edge (or SASE) has been quietly reframing how large organizations handle their security for years, but it is only since the mass shift to hybrid working that it has become relevant for nearly all businesses. What SASE does is converge security and network technologies into a single, cloud-delivered platform that is easy to scale and that facilitates rapid cloud transformation. Geographical borders and physical spaces are becoming less relevant to today’s businesses, so it makes no sense for network security to be centralized in the traditional sense. With SASE, security is moved closer to the edge where applications, users and end-points are located, resulting in an agile, unified, low-latency solution that puts user experience, network performance and network security on an equal footing. The next step is for businesses to connect the security solutions that exist across users and devices in order to eliminate any potential security gaps. 

Combining SASE With Advanced Threat Prevention

Even when rolling out a SASE solution, businesses need to be mindful of their overall security posture. The more distributed its users, and the more devices that connect remotely, the greater the potential attack surface area for threat actors. Keeping this attack surface limited and protected is arguably one of the biggest challenges facing businesses today. Check Point’s 2022 Workforce Security Report refers to this as the “remote-access security gap”, in which 70% of organisations allow access to corporate applications from personal devices. According to the report, only 5% of businesses use all of the recommended remote access security settings when preparing to facilitate hybrid working. 

What’s more, these challenges are emerging at one of the worst possible times for businesses, with cyber attacks against corporate networks increasing dramatically. As well as thinking about centralised networks, businesses now have to consider things like endpoint resilience, their vulnerability to mobile-related attacks, remote working security policies, and even how well applications such as Office 365 or G-Suite are protected in real-time.  

Check Point Harmony is the industry’s first truly unified SASE security solution with a core focus on threat detection and prevention.

Not only does it ensure zero-trust access, it’s powered by an advanced real-time threat intelligence platform that can protect devices and internet connections from the most sophisticated cyber-attacks. Instead of stitching together security solutions to cover various endpoints and channels, Harmony unifies clientless connectivity, endpoint security, email security, internet browsing, mobile security and remote VPN access, under a single, unified umbrella.

The result is that sensitive data and users are protected whether at home, in the office or on the move, regardless of how they log on or what device they use. 

Ian Porteous is Regional Director, Security Engineering, UK&I at Check Point Software

You Might Also Read:

The Value Of Network Pen Testing To Reduce Cyber Attacks:

 

« Facebook To Pay $90m Penalty For Tracking Users
Financial Services, Online Banking & Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation is Europe's leading centre for research & education in cybersecurity, cybercrime and digital forensics.

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

SmartCyber

SmartCyber

SmartCyber is a company specializing in custom IT projects and Cybersecurity.

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

CS3STHLM

CS3STHLM

CS3STHLM is the Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems.

Cambridge Cybercrime Centre

Cambridge Cybercrime Centre

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

C5 Capital

C5 Capital

C5 Capital is a specialist investment firm that exclusively invests in the secure data ecosystem including cybersecurity, cloud infrastructure, data analytics and space.

DeFY Security

DeFY Security

DeFY Security is a Cyber Security solutions provider with more than 20 years of experience securing financial institutions, healthcare, manufacturing and retail.

Littlefish

Littlefish

Littlefish provide world-class, award-winning Managed IT and Cyber Security Services, delivered from our 24/7 UK service centres.

Prima Cyber Solutions (PCS)

Prima Cyber Solutions (PCS)

Prima Cyber Solutions is focused on protecting your business from the massive and devastating impacts that cyber-attacks may cause.

Nonprofit Cyber

Nonprofit Cyber

Nonprofit Cyber is a first-of-its-kind coalition of global nonprofit organizations to enhance joint action to improve cybersecurity.

Dynamic Networks

Dynamic Networks

Dynamic Networks provide Managed Cloud Services; Unified Communications; Security & Compliance Services and Network & Infrastructure Services for both Public Sector and Private sector businesses.

ITRM

ITRM

ITRM are one of the UK’s top managed service providers and offer a range of award-winning IT solutions, from ad-hoc consultancy to cyber security.

UberEther

UberEther

UberEther are a dedicated group of software developers and consultants developing and deploying the next generation of identity management and cloud solutions.

Vantyr

Vantyr

Vantyr's core mission is to safeguard the business-led adoption of SaaS applications by automating the lifecycle management and security of non-human identities.

CloudBees

CloudBees

CloudBees is building the world’s first end-to-end automated software delivery system, enabling companies to balance governance and developer freedom.