The sudden impact of change on the security posture of organisations //12.09.20
The year 2020 will be remembered for years to come, and it will be spoken about in history lessons across schools, the same way we learnt about the Tudors or World War II. Many organisations were forced to revolutionise their IT and security infrastructure overnight to take on the heightened demand on their remote connectivity services. According to the Office for National Statistics in April 2020, 49.2% of adults in the UK who were in active employment were working from home. This statistic is even more compelling when compared with 2019, when 5.1% of the UK population in active employment were working from home. It's predicted that when offices reopen at least 25% of employees will have flexibility on where they choose to work. But this newfound flexibility creates headaches and complexity for IT and security teams.
Organisations had to execute their business continuity plans quickly, overnight in most cases. There was an influx of remote workers accessing business applications and data from their home networks. But were their initial investments in IT infrastructure and security up to the task of maintaining a fully remote workforce? Over 65% of organisations across the UK have commented that, now their workers are remote, their IT and security teams are dealing with a significant loss of visibility and control. With these weakened security tools, attackers are increasing their activity to take advantage of the chaotic situation. In April alone we saw a 379% increase in phishing attacks.
At first, organisations focused on the operational constraints: now my workers are remote, what do they need to work productively from a remote location? This led to VDI and VPN solutions being deployed to allow workers to access critical business applications and data. Furthermore, organisations looked at the long-term effects and at accelerating their journey to the cloud. Moving applications and data to cloud native platforms enabled workers to be productive from any location. However, it's clear that with legacy on-premise security solutions that are not fit for purpose, the journey to the cloud can be disastrous. Many organisations will be trying to secure remote workers with legacy on-premise security solutions. Doing so will come with compromise. These solutions will create silos within an organisation. IT, security and infrastructure teams all need to speak the same language.
But when trying to secure remote workers with the sheer number of legacy solutions that offer no value outside of the point problem they address, there is also the fact that these solutions are bolted on to the infrastructure and devices they are designed to protect. At a time when visibility is paramount, given the rise in attacks, security teams suddenly don't have the visibility they are used to now that workers are remote. This makes it difficult to respond to potential threats in a timely manner.
It's time to shift the mindset. We are used to protecting the outside from the inside. We look at securing our perimeter like building a castle with a moat around it. Now we need to look forward. While the predictions show that 25% of employees will continue to work remotely, we also now know that protecting the perimeter is simply going to have little effect on the remote workforce. Solutions must be accessible from anywhere, at any time; we must take advantage of the cloud to be able to deploy security tools and updates efficiently without having to stand up additional hardware.
Security teams need continuous visibility of activity to investigate and triage threats. Software will drift and so will configurations, which will increase the attack surface and create unnecessary risk. You must be able to maintain IT hygiene with a consolidated tool that's tied into the visibility tools. That visibility solution must be able to pivot into a prevention policy, so you never have to hunt for the same threat twice.
While many organisations took the option to move to a cloud native solution, a unified cloud native security solution may have just been the most valuable investment.