The new security demands of our hybrid working future

Mr Gary Gardiner

According to the latest figures, more than two-thirds of business leaders are now planning to reconfigure their office space to accommodate hybrid working permanently, and 73% of employees say they want flexible, remote work options to stay as a condition of their employment. Businesses are already making adjustments to their physical and digital infrastructure, but what about security?

The shift to remote networking over the course of the past 24 months has been nothing short of profound. Nonetheless, the rapid move to remote-enabled working has been driven by necessity rather than natural innovation within the market, and that means some businesses are not adequately prepared, in terms of their security setup. Remote user access has become the new normal, offering greater agility and arguably better productivity, but that means legacy security solutions, like static firewalls and basic VPNs (virtual private networks), are no longer fit for purpose. Organisations are now ‘hyper distributed’, with applications everywhere and networks branching off in all directions. Some may have embraced SD-WAN (software-defined wide area networking) as a means of efficiently routing traffic and increasing the QoE (quality of experience) for users, but even SD-WAN, on its own, has security limitations that need to be separately addressed. Given the sheer pace of change, it is understandable that businesses would prioritise productivity over network security in the short term, but that short-term fix is now blending into a long-term solution, and businesses need to re-evaluate their security as a result. Traditionally, a patchwork approach to security has led to a disparate array of siloed solutions, from email and browser security, right through to WAAP (web app and API protection), firewall-as-a-service, remote-access VPNs, and more. The challenge now is to consolidate these multiple product points in a unified and cohesive security package, and that is where SASE (Secure Access Service Edge) comes in.

SASE has been reframing how large organisations handle their security, but it is only since the mass shift to hybrid working that it has become relevant for nearly all businesses. What SASE does is converge security and network technologies into a single, cloud-delivered platform that is easy to scale and that facilitates rapid cloud transformation. Geographical borders and physical spaces are becoming less relevant to today’s businesses, so it makes no sense for network security to be centralised in the traditional sense. With SASE, security is moved closer to the edge where applications, users and endpoints are located, resulting in an agile, unified, low-latency solution that puts user experience, network performance and network security on an equal footing. The next step is for businesses to connect the security solutions that exist across users and devices, in order to eliminate any security gaps.

Even when rolling out a SASE solution, businesses need to be mindful of their overall security posture. The more distributed its users, and the more devices that connect remotely, the greater the potential attack surface area for threat actors. Keeping this attack surface limited and protected is arguably one of the biggest challenges. Check Point’s 2022 Workforce Security Report refers to this as the ‘remote-access security gap’, in which 70% of organisations allow access to corporate applications from personal devices. The report says only 5% of businesses use all of the recommended remote access security settings when preparing to facilitate hybrid working. What is more, these challenges are emerging at one of the worst possible times for businesses, with cyberattacks against corporate networks increasing. As well as thinking about centralised networks, businesses now have to consider things like endpoint resilience, their vulnerability to mobile-related attacks, remote working security policies, and even how well applications such as Office 365 or G-Suite are protected in real-time. Check Point Harmony is a unified SASE security solution with a core focus on threat detection and prevention. Not only does it ensure zero-trust access, it is also powered by an advanced real-time threat intelligence platform that can protect devices and internet connections from sophisticated cyber-attacks. Harmony unifies client-less connectivity, endpoint security, email security, internet browsing, mobile security and remote VPN access, under a single, unified umbrella. The result is that sensitive data and users are protected whether at home, in the office or on the move.