Owing to the COVID-19 pandemic, the new normal for many businesses is an increased dependency on mobile devices and remote work technologies. This increases organizations' cybersecurity risk, as any device connected to the organization’s network, or any technology used to carry out business workflows remotely, increases the attack surface available to cybercriminals. With recent trends indicating that organizations are looking to implement a permanent hybrid work model that would see the workforce rotated in and out of the office, businesses must rethink their network security strategy, as the network perimeter has now shifted to telework devices.
The current IT security model implemented by most organizations largely relies on most employees being connected directly to the corporate network. The effectiveness of this approach depends on maintaining a high level of visibility into activity within the enterprise network. This is typically achieved by collecting data from the firewall deployed for perimeter defense, event logs, domain controllers, and endpoint protection logs, among others. But with many employees moving outside of the defined network perimeter, visibility into a large percentage of the enterprise network traffic will become limited. Given the stakes, it is imperative to establish methods of ensuring adequate network security.
Many organizations have turned to Virtual Private Network (VPN) services in a bid to provide secure connectivity between remote workers and the enterprise network. However, the existing VPN infrastructure is not scalable enough to support a robust remote workforce. VPNs are designed to provide point-to-point connectivity over an encrypted channel. This requirement means that users are connected to an endpoint from which security scanning and traffic routing are performed. The demands of a robust remote workforce, such as the one now being witnessed, will typically exceed the design capacity of that endpoint, which could lead to degraded network performance and throughput, with connections likely to be dropped or denied. Split-tunnel VPNs have been pushed as a solution to the VPN scalability problem. However, while split-tunnel VPNs increase usability, they do so at the cost of network visibility and security. If connections to the internet from telework devices are not monitored, those devices can be compromised and used to access the corporate network, even via the VPN connection.
The new corporate network edge lies at employee devices and their home networks, and thus ensuring network security for the enterprise requires securing these devices as well. To achieve this, at least the same level of visibility into activity is required on telework devices as is available on the enterprise network. Centrally managed, cloud-based Endpoint Detection and Response (EDR) agents can be deployed on devices used by remote workers to provide visibility into these devices while also protecting them. Adopting this model would help organizations reduce the load on the enterprise network and VPN infrastructure and achieve a higher level of scalability than an on-premises solution.
Mitiget advises that organizations adopt cloud-based EDR solutions that are zero-trust architecture (ZTA) compliant. ZTA requires organizations to verify, by default, anything and everything inside and outside their environments that attempts to connect to their systems and resources before granting access. With zero-trust agents installed on telework devices, all traffic can be securely and dynamically routed to a cloud-based gateway and then on to the target resource. ZTA provides mechanisms for uniquely identifying the device, user, and context, ensuring granular access control and visibility for enterprises. Contact Mitiget today for a review, deployment and implementation of the technology and process. Reach out to us at info@mitiget.com.