Securing your organisation with Zero Trust Approach in a remote work environment

Today, organisations face the challenge of redesigning their security infrastructure that proves effective beyond the office network, in an environment wherein they have no control on the location and network through which their employees access business applications.
  • Updated On Apr 13, 2021 at 09:01 AM IST
Read by: 100 Industry Professionals
Reader Image Read by 100 Industry Professionals
By Dipesh Kaura


The last one year, unarguably, has witnessed a dramatic shift in the way that organisations operate. Fuelled by the need to ensure business continuity in the initial months of the pandemic, organisations of all sizes and from across the industry spectrum have remodelled their business processes. While organisations moved a significant part of their workforce to a remote working environment, they have realised this could be the 'new normal' going forward.

Reaffirming this sentiment, several organisations have already embraced this as the new reality and enabled a major portion of their workforce to work permanently from remote locations. However, this has further opened doors to a new set of cyber threats with a sudden increase in the number of endpoints as employees access corporate networks from various locations and devices.

Advt
Our recent report ‘The story of the year: remote work’ has found 242 percent growth in brute force attacks on remote desktop protocol (RDP) compared to last year and 1.7 million unique malicious files disguised as apps for corporate communication. These findings show how attackers are setting their sights on remote workforces to carry out attacks.


Workplaces on the Cloud - Reimagining Security with Zero Trust

Cloud is at the forefront of organisations’ operations as well as customer engagements, and a remote work environment couldn’t have been made possible without it. In times when organisations faced the challenge of sudden shift to remote work in a large proportion, public cloud came to their rescue and it is said to continue to be a critical component of enterprise IT roadmaps.

According to a recent Gartner forecast, spending on public cloud services in India is expected to reach $4.1 billion in 2021, marking an increase of 29.4 percent from last year. Gartner also acknowledged that the Covid-19 pandemic has catalysed cloud adoption rate significantly, ensuring employees can access business applications from any location.

However, as organisations continue revamping their business processes on cloud, security remains paramount. This massive cloud migration and adoption of cloud based business collaboration tools and remote access to critical corporate resources have made traditional perimeter security obsolete.

Advt
Today, organisations face the challenge of redesigning their security infrastructure that proves effective beyond the office network, in an environment wherein they have no control on the location and network through which their employees access business applications.

In view of the new reality, a Zero Trust approach addresses the most hard-pressing concerns of IT leaders. It offers a security architecture that understands the complexity of the modern remote work environment and safeguards the workforce, endpoint devices, business applications and most importantly, data.


How Does a Zero Trust Approach Address Your Security Concerns

In a world where office boundaries are diminished, identity has become the new perimeter and a Zero Trust Network Access (ZTNA) emphasises on Identity and Access Management (IAM), ensuring complete authentication of users. Based on the principle of “never trust, always verify”, a Zero Trust security framework makes user and device authentication a continuous process, at multiple levels, instead of one-time sign in. With its three core principles of Least Privilege Access, Multi Factor Authentication and Micro Segmentation, a Zero Trust framework gives organisations a bird’s eye view and control over users inside and outside the network.

Least Privilege Access ensures that user access is limited to what is needed, thereby restricting exposure to other critical information on the network. Whereas, Multi Factor Authentication requires users to prove their identity with more than one credential.Thus, even if passwords are compromised, another layer of authentication prevents bad actors from gaining access into the network. Moreover, Micro Segmentation requires users to obtain separate access for various parts of the network, eliminating vulnerability of different parts within the network and dramatically shrinking the attack surface.


Zero Trust Defining the Future of Secure Workplaces

Since its realisation over a decade ago, Zero Trust has always been a consideration among IT security leaders. However, the pandemic made it more relevant than ever before. In the last year, the Zero Trust approach has found itself moving from boardroom discussion to actual adoption, at a rapid pace. While business leaders debate on the future of work - remotely, office or hybrid - the future of security will be certainly defined by Zero Trust, regardless of where employees are located.

Reaffirming the importance of Zero Trust in the post-Covid world, the latest report by ResearchAndMarkets projects the global zero trust security market to grow from $19.6 billion in 2020 to $51.6 billion by 2026. The emergence of mobile workforce, innumerable endpoints and a hyper-connected workplace leaves little control in the hands of organisations in terms of devices and users on private networks. However, with Zero Trust, organisations can strengthen the security posture of their IT infrastructure and align it with today’s agile and flexible modern work culture.

Lastly, Zero Trust is a model, not a technology or product and doesn’t require deployment of new technologies in your IT infrastructure. It is a security mechanism that relies on best practices that address the most concerning cyber security challenges of organisations in a remote or hybrid workforce.

The author is General Manager, Kaspersky (South Asia)


  • Published On Apr 13, 2021 at 08:55 AM IST
Be the first one to comment.
Comment Now

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles
Scan to download App