
Why enabling a remote workforce requires converging security at the edge

17 Jul 2020

Article by Bitglass senior director of marketing Jonathan Andresen.

To protect enterprise data, IT teams have to counter risks on two fronts: insider risks where threats come from within the organisation, such as employees handling sensitive data; and outsider risks that originate from malicious external sources.

Data loss prevention (DLP) capabilities within a CASB (cloud access security broker) solution have emerged as the most effective platform to prevent legitimate remote users from accidentally or maliciously sharing business data that could put an organisation at risk. 

Providing visibility into all types of cloud-based applications (SaaS, IaaS and PaaS) running across all types of devices, both managed and unmanaged, is a prerequisite for securing business data against insider threats. 

Add in real-time access control and threat protection for managed apps, and IT has the full toolset needed to fast-track cloud adoption while de-risking breaches caused by internal users.

But what about external malicious threats? How should we protect against these threat vectors when the workforce is highly decentralised across a multitude of locations and using a variety of managed and unmanaged devices to access corporate data?

Network security solutions such as firewalls, secure web gateways and anti-virus software products have been deployed for years to protect against ‘outsider’ threats, i.e., malicious attacks from hackers looking to steal confidential business data. 

That worked well when most users worked from the office and just a few users worked from home or on the road. The cost and performance overhead of a VPN for a handful of users was a good trade-off.

The COVID-19 pandemic has changed that. Workers are largely remote, and business applications are hosted in the cloud and accessed by users from multiple devices at any one time, both managed and unmanaged (think BYOD).

To put it another way – data is being created and stored outside the traditional enterprise security boundary, travelling on networks that IT doesn’t own and where the device and access methods are determined by the user.

Together, these changes broaden the attack surface and increase users’ vulnerability to malicious external threats that are beyond the reach of traditional network security products like firewalls and on-premise SWGs.

Such legacy network security solutions use a combination of appliances and passive endpoint agents to inspect traffic for users in the office or on the go, leading to high management overhead and high latency.  

Further, encrypted traffic is inspected at the gateway, infringing on user privacy.

Fast-tracking an agile yet more secure remote workforce requires recognising the fundamental role that cloud services and mobile access play for today’s users. What’s needed is a converged solution that fully protects against both insider and outsider threats.

That solution is a secure access service edge (SASE) solution that integrates web security (SWG) at the device edge with cloud security (CASB), data loss prevention tools (DLP), threat protection and identity access management (IAM).
