Delivering Security to Distributed and Remote Operations During a Pandemic
- 25 September, 2020 11:00
The events of 2020 have pushed enterprises into entirely new ways of working. This has had a knock-on effect of rapidly changing the security risk profile of many organizations. The push to work from home has forced organizations to open up their networks to remote access, and some of the popular tools that become indispensable for enabling people to work remotely — such as video conferencing — have proven to have major security issues.
Security has become increasingly problematic for organizations using more traditional approaches. Here are some examples of issues that have arisen:
- IT experts can’t be physically present at remote sites (such as employees’ home offices) to manage security in-person.
- The rapidly diversifying IT environment — featuring the central network, cloud services and consumer-grade technologies in home offices —is a challenge to monitor and manage cohesively.
- An urgent and greatly increased need to place sensitive data and applications in the cloud for remote access.
- Potential delays in cyberattack detection and response from these environments, resulting in issues and breaches having a significantly greater impact than if they were detected immediately.
These challenges are compounded by a rapidly escalating number of threats being observed. According to a Deloitte research paper, “From our Cyber Intelligence Centre, we have observed a spike in phishing attacks, malspams and ransomware attacks as attackers are using COVID-19 as bait to impersonate brands, thereby misleading employees and customers.”
New priorities for security professionals
While the overarching goal of cybersecurity has been to lock down an environment within a physical space, the future of work isn’t compatible with that strategy. For instance, IT teams will be unable to keep up: Between 5G, IoT, BYOD and the increasing mobility of the workforce, it’s going to be impossible to maintain point solutions for each and every device that has some connection to the organization’s networks and other assets.
In addition, new threats are a real concern for the modern security professional. SonicWall's e-book "The strategic imperative for boundless cybersecurity" shows a 145 per cent year-on-year increase in never-before-seen threats. In other words, these threats are scaling well beyond the capacity of any IT security team to manage manually. As it is, 59 per cent of organizations recognise they have too few security personnel.
To reconcile the rapidly expanding attack surface with the shortage in trained cybersecurity professionals, organizations will need to rethink their approach to security. This is where the idea of Boundless Cybersecurity comes in. Boundless Cybersecurity is a suite of solutions specifically tailored to the understanding that many of today’s IT risks and threats are occurring outside of the organization’s own walls. It is a solution that “follows” the employee, and focuses on establishing and maintaining security best practices regardless of the devices being used and the location they are being used in.
Boundless Cybersecurity from SonicWall encompasses a broad suite of tools tailored to hyper-distributed environments, including secure remote access, endpoint protection, cloud application security and email security. Combined, these solutions protect an environment from the datacentre to the edge, and at every point where data is touched.
The solution combines a whole-of-environment approach — including remote sites — with threat awareness that draws on SonicWall’s ability to gather data in real-time across 215 nations and territories. This broad reach is important, as it means that SonicWall can identify threats that emerge from less “known” areas before they can start to spread globally. The solution also leverages artificial intelligence (AI) and machine learning to provide an automated response to detected issues. Through this, SonicWall can resolve 80 per cent of all real-time cyberattacks within two seconds.
“Every security vendor is working to what is known. They have a pool of data and, based on that, they analyze and teach their solutions to recognize new ones via machine learning,” Debasish Mukherjee, SonicWall VP, Regional Sales APAC, said. “With 28 years of history in our organization, we have, over the years, built up 1.3 million sensors that are actively collecting data. Between the length of time that we have been collecting data and that huge number of sensors, we’re able to build much more robust data sets to catch new threats as they emerge.”
Critically, this solution is also highly scalable, as it is about providing security profiles rather than manually “locking down” every device. Organizations are able to onboard additional point devices as needed without stretching the overworked security team any further. Organizations can also minimise their budget by deploying and protecting only what they need to, as they need to – there is no need to invest in additional licenses and solutions that are unutilized until the organization scales.
Building a new focus on security
Enterprises also need to renew their focus on educating employees — especially those working remotely — about the expanded threat landscape. This is the first time that employees being outside the traditional perimeter has been commonplace, and according to Mukherjee, attackers have noted the associated opportunity.
“The basic challenges in security remain the same — attacks on the perimeter, in emails, and directed at the office,” Mukherjee said. “But in some areas, there are even more threats. End users are being targeted because they are outside the perimeter. Many organizations are grappling with this new focus.”
Building security solutions in a way that addresses the way people are using IT, without adding siloes, is important. But it’s just as important for security specialists to refresh and retrain staff on the safe use of technology, educate them on how to access the business network, and develop strong new policies around the technology used to access that network. The need to bring technology solutions together with education has always been there, but it is more critical now than ever before.