Zero-trust approach to network security key in a work from home world

Share on facebook
Share on twitter
Share on linkedin
Share on email

While the novelty of working from home may have worn off, as the pandemic rages on around the world, working remotely is being embraced by more and more companies.

For example, Salesforce is shifting to a new way of working as it slowly begins reopening offices.

But this new way of working presents a problem for security teams.

As we saw in Florida recently, working remotely can highlight some security holes that ne’er-do-wells can exploit. In Florida, a hacker was able to infiltrate a water treatment plant’s network and mess with the chemicals used to treat water.

So how does a business protect itself while allowing employees to access its network from home or the coffee shop down the road?

Zero-trust networking is part of the solution according to managing director at Galix, Simeon Tassev.

“The work-from-anywhere business model creates greater edge computing and changes network access needs, as more users, devices and applications become located outside of the corporate enterprise. Locking down the perimeter is no longer effective or even possible and doing so negatively impacts business efficiency. A different approach is essential to facilitate today’s dynamic access requirements,” says Tassev.

Once such approach is the implementation of Secure Access Service Edge (SASE) which acts as a sort of border guard for a network.

A SASE requires that all devices connecting to a network meet a certain set of criteria before being granted access.

The key to getting this to work effectively is that the aforementioned criteria is applied to every device an employee wants to use, consistently.

“This is also more secure because it is homogenous and leaves no room for error with regard to policy implementation. Using this type of network design places enterprises in a more effective position to manage the complex workforce setup that the ‘new norm’ has created,” writes Tassev.

Of course, as with any security measure, implementing a SASE, or any zero-trust solution really, requires a fair bit of legwork on the part of decision makers.

Part of this legwork involves mapping out what users need to connect to and where they need to connect to it from. For example, it might make sense to deny a secretary’s access to a database while they work from home but a developer might need access to that database so they can work from home.

This goes for applications as well and your business may have to shop around for a solution that matches your needs.

Every consideration must be made before implementing a SASE so that permissions and access controls can be accurately assigned and only minor tweaks are needed.

“The most appropriate technology solution depends on the architecture and specific requirements of an enterprise. The right security partner can ensure that technology, access and strategies are linked to the particular needs of the enterprise and design a solution to suit. Risk mitigation is the key, and an effective partner can help businesses to navigate the unchartered waters of the current environment and position to meet future changes with greater ease,” says Tassev.

Working remotely is fast becoming the norm companies would do well to prepare for the future unless they want to be caught off guard as they were at around this time last year.

[Image – CC 0 Pixabay]

Brendyn Lotz

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.