One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1770249 |
| Date de publication | 2020-06-17 11:00:00 (vue: 2020-06-23 06:15:42) |
| Titre | The challenge to security for the new normal |
| Texte |
As states begin to lift shelter in place orders and businesses reopen their doors, there is a lot of speculation as to what “the new normal” will look like. And so far, there are still more questions than answers for those of us working from home.
When is it safe to return to work?
Will we have to run at reduced occupancy?
What if cases of COVID-19 spike again or returns in the fall?
Is it even necessary to return to the office when employees can work from home?
None of us have a crystal ball to accurately predict when we will return to our cubicles, but if anything, this global event has made it abundantly clear that business continuity relies heavily on enabling employees to work from virtually anywhere. On the surface, this may seem like a fairly simple task. The majority of workers have some sort of mobile device, whether it be a laptop or smart phone, as well as internet access. A lot of us have already been working remotely at least part of the time prior to the pandemic. But for technology teams that are tasked with supporting the work from home initiative, the solution may be a lot more complex. Not only must they solve for access at scale, but visibility and security as well.
The first major hurdle for supporting a remote workforce is providing access to the applications and data they require to conduct business. Most organizations have deployed some form of VPN for this purpose, but few have built it with the intention of supporting all of their workers connecting simultaneously. As a result, they are finding that their VPNs are getting overwhelmed and users are experiencing latency or trouble connecting to the network altogether.
Employees may attempt to resolve the VPN connectivity or latency issue by just connecting to the Internet directly to accomplish whatever work is possible without accessing the network and by using unsanctioned web-based applications. It’s also very possible that they, or other members of their household, may even use their company owned devices for purposes completely unrelated to work. And when traffic isn’t routed to the data center, businesses operating on a hub and spoke model lose visibility as well as their ability to enforce security policy. Without these guardrails, the possibility of a security incident becomes more likely as employees freely surf the net, click links, and download files without the analysis provided by a perimeter security device.
Organizations could certainly respond to these challenges by expanding the capacity of their VPN concentrator. If employees are able to easily access assets hosted on the network and the Internet through VPN without performance concerns, they are a lot more likely to connect to it as a habit when they begin their work day. But this approach still relies on voluntary action on the part of the remote worker and isn’t really the most efficient way for employees to access applications and data hosted in the cloud. Another consideration is that although many VPNs provide similar visibility and security controls as next-generation firewalls, a lot of organizations are still managing both products, using separate user interfaces to protect their on-site and remote users.
Businesses that want future ready security and to maintain visibility across users, during the pandemic and beyond, should give strong consideration to a cloud-based security solution that does not rely on backhauling traffic to the data center for enforcement. Security hosted in the cloud means fewer appliances to purchase and manage but can also help provide the flexibility that is desperately needed during this time of uncertainty by following users virtually anywhere they conduct business. There are a lot of point products on the market that can solve the challenge of providing zero-trust ne |
| Notes | |
| Envoyé | Oui |
| Condensat | “the greatly to 24x7 ability able abundantly acceptable access accessing accomplish accurately across action administrators advanced again against agile all already also although altogether analysis another answers anything anywhere appliances applications approach appropriate are arrangement assets associated at&t attempt augment backhauling ball bandwidth based become becomes been begin best beyond both breach but built business businesses but can capabilities capacity casb cases center centralized certainly challenge challenges choosing clear click cloud coffee company completely complex comprehensive concentrator concerns conduct connect connecting connectivity consider consideration consolidate constraints continuity control controls could covid crystal cubicles data day deployed desperately device devices directly dlp does doing doors download during easily effects efficient employees enabling encounter encountering enforce enforcement entire evaluating even event evolve expanding experiencing exposure fairly fall far fewer files finding firewalls first flexibility following form freely from future gateway generation getting give given global granular guardrails habit has have heavily help helps here highly home hosted hotel household hub hurdle incident informed initiative initiatives intention interfaces internet isn’t issue it’s just keys laptop latency least lift like likely limit links look lose loss lot made maintain major majority malware manage managed managing many market may means measures members mobile model more most must native necessary need needed net network new next nimble none normal normal” not occupancy off offer offers office only operating opportunity opposed orders organizations other overwhelmed owned pandemic part particularly partners party performance perimeter permit phone place plethora point policies policy possibility possible predict prepared prevention prior product productively products protect protected protecting protection provide provided provides providing purchase purpose purposes questions ready really reduce reduced relies rely remain remote remotely reopen requests require requirements resolve respond restricts result return returns role routed run safe sandboxing scale secure security seek seem segment separate service services shelter shop should shouldn’t similar similarly simple simultaneously site sites smart solution solutions solve some sort specific speculation spike spoke staff states stop stress strong subscribing support supporting surf surface surfing task tasked teams technologies technology than them these third those threats through time to only traffic trouble trust turn uncertainty unified unrelated unsanctioned use useful user users using vendors very view virtually visibility visit voluntary vpn vpns want way web websites well what whatever when whether will without work worker workers workforce working workplace zero |
| Tags | Malware |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.