Hybrid work safety requirements

A large number of employees, 73%, say they want flexible and remote work options to remain a condition of their job. CONTRIBUTED PHOTO

ACCORDING to the latest figures, more than two-thirds of business leaders are now considering reconfiguring their office space to accommodate hybrid working permanently, and 73% of employees say they want flexible and remote working options. remain a condition of their employment. The imperative is there, and companies are already making adjustments to their physical and digital infrastructure, but what about security?

The new normal

The shift to remote networking over the past 24 months has been nothing short of profound. Nevertheless, the rapid shift to remote working has been driven by necessity rather than natural innovation in the market, which means some companies are not sufficiently prepared in terms of security setup. Remote user access has become the new norm, providing greater agility and arguably better productivity, but that means legacy security solutions like static firewalls and basic VPNs (virtual private networks) are no longer suitable for use. Organizations are now “hyper-distributed”, with applications everywhere and networks branching off in all directions. Some may have embraced SD-WAN (Software Defined Wide Area Network) as a way to efficiently route traffic and increase QoE (Quality of Experience) for users, but even SD-WAN alone has safety boundaries that must be separated. addressed.

Given the rapid pace of change, it’s understandable that businesses prioritize productivity over network security in the short term, but that short-term solution is now merging into a long-term solution, and businesses need to reassess their safety as a result. Traditionally, a patchwork approach to security has led to a patchwork of siled solutions, from email and browser security, to WAAP (web application and API protection), from firewall as service, remote access VPNs, etc. . The challenge now is to consolidate these multiple product points into a unified and cohesive security package, and that’s where SASE comes in.

The rise of network security

Secure Access Service Edge (SASE) has been quietly reframing the way large organizations have been managing their security for years, but it’s only since the massive shift to hybrid working that it’s become relevant to nearly every business. What SASE does is converge security and networking technologies into a single cloud platform that is easy to scale and facilitates rapid cloud transformation. Geographic boundaries and physical spaces are increasingly irrelevant to today’s businesses, so it doesn’t make sense for network security to be centralized in the traditional sense. With SASE, security is brought closer to the edge where applications, users, and devices reside, resulting in an agile, unified, low-latency solution that places user experience, network performance, and network security on an equal footing. The next step is for companies to connect the security solutions that exist between users and devices to eliminate any potential security gaps.

Advanced Threat Prevention

Even when deploying a SASE solution, organizations need to be aware of their overall security posture. The more distributed its users and the more devices connecting remotely, the greater the potential attack surface for threat actors. Keeping this attack surface limited and protected is arguably one of the biggest challenges facing organizations today. Check Point’s 2022 Workforce Security Report refers to this as the “remote access security gap”, in which 70% of organizations allow access to corporate applications from personal devices. According to the report, only 5% of organizations use all recommended remote access security settings when preparing to facilitate hybrid working.

Moreover, these challenges are emerging at one of the worst possible times for businesses, with cyberattacks against corporate networks increasing dramatically. In addition to thinking about centralized networks, companies now need to consider things like endpoint resiliency, vulnerability to mobile-related attacks, remote work security policies, and even real-time protection for apps like than Office 365 or G-Suite. .

Check Point Harmony is the industry’s first truly unified SASE security solution focused on threat detection and prevention. Not only does it ensure trustless access, but it is also powered by an advanced real-time threat intelligence platform that could protect devices and internet connections against the most sophisticated cyberattacks. Instead of piecing together security solutions to cover various endpoints and channels, Harmony unifies clientless connectivity, endpoint security, email security, web browsing, mobile security, and remote VPN access , under one unified umbrella. The result is that sensitive data and users are protected whether at home, in the office or on the go, regardless of how they log in or what device they use.

Gary Gardiner is Head of Security Engineering for Check Point Software Technologies in Asia Pacific and Japan.

Source link