It’s been said that the coronavirus pandemic has forced many businesses to transform in a way nobody has foreseen. Almost overnight, businesses have had to find ways to keep operations running by going digital.
Dusting off their business continuity playbook, many were quick to open up more virtual private networking (VPN) ports to keep employees connected. However, nobody has planned for a response of this scale.
Indeed, nobody is prepared for the cybersecurity issues that now come with many of the IT policies and practices set up at short notice to adapt to the changing situation.
Scaling up overnight
Catering to the sheer number of employees affected is one issue. Another more serious one is how many businesses approach cybersecurity – their perimeter defenses are no longer sustainable in the long term because many employees are not in the office now.
While a VPN will encrypt the data travelling between a user at home and the corporate data center or cloud service, there are many ways, such as phishing, which cyber attackers can still use to get in.
They could look for loopholes in major VPN providers and exploit the same vulnerabilities to get into the internal networks of companies that uses these VPN services.
After that, they can slowly worm their way to sensitive assets and steal valuable information. Firewalls may catch some attackers at the perimeter but many will slip through.
Let’s not forget that firewalls also have to be maintained over time. Rules have to change as business shifts, especially in an unpredictable situation such as now.
How many more ports should a business open to cater to new users and apps without exposing even more of the network and data to higher risk? Who keeps track of the rules, say, when someone who is in charge of them leaves the business?
Trust no one
If there is a time for change, now is as good as any. It is time for a zero-trust environment that has been talked up for years. This means transitioning to a strategy where everyone within or outside a corporate network is authenticated when accessing assets that are protected.
This will help block intruders who have managed to slip through, for example, through a phishing and Trojan exploit. Users are provisioned to only access apps they have privilege to instead of the entire network, which prevents attackers to move laterally across the entire network.
The same applies when a user is seeking to go to a website that is linked from an e-mail. In a zero-trust environment, the domain will be checked, along with signs of possible malware, whether it is hosted on a known or unknown server.
Device posture is important too. In a zero-trust environment, the health of a machine can be checked, for example, to see if there an updated version of antivirus running. Only then will it be allowed to connect to corporate assets.
If a user plugs in a USB drive, this changes the risk profile and the machine may not be allowed to connect to or access certain assets afterwards. Such a change happens automatically, so even if a user device is compromised, it will not be able to access assets or “call home” to a command-and-control server.
A sound security model adapts to new threats as they change. It is designed to shift with the needs of the business, which will be hard to predict in an uncertain climate. In their continuity plans, businesses need an improved cybersecurity strategy that includes a zero-trust environment.
To be sure, moving to this setup is not an overnight exercise. Many businesses will continue to use traditional VPNs because there are apps that require them. A move could be in phases, with some groups of users getting onboard before others.
Don’t go alone
However, there is no denying the importance of rethinking one’s traditional cyber defenses even as the pandemic is posing new challenges. Picking the right security partner is key.
As part of its intelligent edge security portfolio, Akamai provides proactive protection against zero-day malware and phishing. It does so with an edge platform that delivers Web and mobile performance while keeping cyber threats at bay.
Akamai’s Enterprise Threat Protector solution enables security teams to ensure that users and devices can safely connect to the Internet, regardless of where they are connecting from, without the complexity associated with legacy, appliance-based approaches.
Across Asia Pacific and Japan, customers include businesses in the gaming, education, consumer goods and airline industries.
To answer many of these questions on moving to a zero-trust environment, watch Akamai’s digital and security industry experts share upcoming trends and recommend tips during Akamai’s Edge Live | Adapt Virtual Summit.
Meanwhile, here are three recommendations to take away:
- Take the time to reassess your business continuity plan in the context of what you’ve learned during the pandemic. Ensure it has proper provisions for adaptive security.
- Enable and secure remote workers on your network. Find out how to boost security.
- Understand how your users are operating when it comes to remote working. Learn their profiles. Are they using their corporate or personal devices? Is there a master data management solution (MDM) in place?