By Nick Alevetsovitis, Fortinet
Across the country, restrictions are lifting, and businesses are preparing to implement their return to office plans. Many of those plans assume employees will continue to work from anywhere for at least a portion of their week, perhaps permanently. With this in mind, IT leaders must continue to reassess how they will secure these new hybrid environments.
As my colleague and Fortinet field CISO, Joe Robertson, recently put it, “Work from anywhere requires connectivity plus security.” The essential connectivity that enables employees to work from anywhere also means that companies need a security model rooted in connectivity. For that model to work effectively, it has to be customized to match the organization’s business plans. Our recent global cloud report found that 76 percent of organizations are using at least two cloud providers. This means that security solutions must be flexible enough to secure—and span—both on-premises and cloud infrastructures. And they need to quickly scale to dynamically adapt to sudden or unforeseen changes.
Organizations need network firewall solutions that can work seamlessly across the increasingly distributed network while performing fast enough to protect today’s new hyperscale data centres and business-critical applications. They need purpose-built, high-performance physical firewalls and cloud-native solutions that can be integrated into any cloud platform that also work together to ensure consistent policy distribution and enforcement. This combination of physical and virtual security must also secure the complex use cases many organizations are looking to implement. These include securely connecting remote workers and branch offices to the core data centre and campus and cloud-based applications and resources, securing transactions that move across and between different cloud platforms, and creating secure and seamless interactions between the physical data centre and one or more cloud environments.
As organizations prepare for the world of hybrid work—and the hybrid networks needed to support them—they should consider two core strategies. Security-driven networking and zero trust can help build a foundation for long-term productivity and security success, even as their network infrastructures continue to evolve.
Security Driven Networking
The success of remote work comes down to providing optimized on- and off-network security for people with differing access needs, including full-time employees, contractors, and partners. At the same time, IT leaders must account for the growing number of IoT and other edge computing devices connecting to the network and the needs of branch offices. These issues continue to be a significant challenge, but addressing them as individual problems rather than from a holistic perspective can create issues of complexity and interoperability that will need to be addressed.
Knowing this, any solution built for the long term must bring security and networking together. The ability to tie together all elements of the connected environment—from the campus and data centre to the branch to the cloud—lets companies see and defend increasingly dynamic environments. Blending security and networking functions into a unified solution ensures a superior user experience for employees and customers through improved uptime and application accessibility and adaptable protection that can maintain policy integrity in dynamically changing environments.
IT leaders also need to take application performance into account. A security-driven networking strategy that combines Next Generation Firewall appliances with advanced SD-WAN capabilities can significantly improve an organization’s user experience and maximize productivity—especially for remote workers—and maximize security while doing so.
Once security is factored into the essential interconnectedness of today’s networks, they can freely evolve, expand, and adapt without concerns that the growing attack surface, or potential security gaps caused by inadequately secured hybrid work environments, will lead to more significant problems down the road.
Another worthwhile consideration is Zero Trust Access. ZTA is an approach that, at its core, limits user and device access to only what is required to complete work functions while constantly verifying credentials through the network/user/device connection.
In a hybrid work environment, where users are located is much less important than where an application sits and what resources a user needs to be productive. These and similar issues have made user identification, authentication, authorization, and access permissions critical. It’s what forms the basis for ZTA.
Achieving ZTA takes time and involves a mix of software, hardware, and business process changes. In the short term, IT leaders should look to take full advantage of intent-based segmentation, ensuring that clear roles and policies for users are defined and enforced. But they need to drive towards developing a universal ZTA strategy to consistently protect users, devices, applications, and resources deployed anywhere across the hybrid network.
As the economy continues to re-open, IT leaders deserve credit for the work they’ve done to keep businesses running over the past 18 months. But it was just the start. Looking ahead, they need to continue to apply that hard work and ingenuity to ensure that the new normal sets up their business for a secure and productive future.
Nick Alevetsovitis is VP, Canada Enterprise and Commercial Business at Fortinet