Security for the “new normal”
Remote working is by no means a new concept. In fact, 30 percent of employees were already working from home on a part-time basis prior to the COVID-19 lockdown, according to Gartner. However, the pandemic has unquestionably changed businesses’ attitude towards the practicality of flexible working. This, combined with an awareness that they need to be better prepared for potential future pandemic lockdowns, has increased the likelihood they will adopt remote working, at least in part, long-term. Indeed, Gartner’s research also found that 41 percent of employees are likely to work remotely part-time after the pandemic. These statistics are supported by the fact that companies such as Facebook and Google have both confirmed their staff will be able to work from home until at least the end of 2020.
The time for quick-fix solutions has passed
It is apparent that remote working will form a key pillar of the “new normal”. However, for flexible working to be a viable solution long-term, businesses now need to trade the interim security solutions they relied on when lockdown first occurred for high-performance permanent solutions.
For instance, remote working saw a boom in Virtual Private Networks (VPN) usage. This is unsurprising as for decades VPNs have been a well-known and frequently relied upon method for enabling employees to connect with their business’ internal systems. However, they were designed at a time when the bandwidth required for applications was lower and remote working was uncommon. In today’s complex technological world, this translates to poor performance and, consequently, an inability to access the work network, resulting in employees abandoning their company VPNs and the security they provide.
VPNs have no place in the “new normal”
Why do VPNs struggle with increased demand? The key lies in the fact that most VPNs require users to connect and be authenticated through a single shared VPN access point. This model means VPNs struggle to make connections when faced with a large volume of people trying to join the network. In a best-case scenario, this will result in staff having to wait in a connection traffic jam. In a worst-case scenario, the VPN will become overwhelmed and crash – as if it were reacting to a Distributed Denial of Service (DDoS) attack – forcing employees to operate on their personal, unsecured networks.
Even if users manage to connect to the VPN, this does not guarantee they will remain connected for the rest of the working day. As VPNs need stable connections to maintain the transmission control protocol (TCP) session, once lost the user will be disconnected and forced to go through the time-consuming process of reconnecting. This will result in significant employee frustration. A feeling that will be compound if their connection is prohibitively slow when they are on the VPN, as a result of the networks’ inability to scale to meet the demand of a sharp rise in remote workers. Many employees will not tolerate the significant productivity drain VPNs cause – poor connectivity can cost up to 72 minutes a day, according to Zen Internet – and will instead choose to work off the networking. While their reasons are understandable, their actions pose a significant security risk, one that cannot be tolerated long-term. An alternate solution must be sought if remote working is to be secured for the “new normal”.
SDPs the answer to secure remote working
Unlike VPNs, Software-Defined Perimeter (SDPs) form one-to-one network connections between users and the resources they are authorised to use. This makes it physically impossible to get stuck in a connection queue behind other users. SDPs also ensure quick connections by separating the control and data channels which reduces the network load. What’s more, they are designed to be decentralised so they can scale to accommodate significant numbers of users. All of this means that employees are able to connect quickly and enjoy good network speeds – two critical elements for ensuring they remain on the work network and benefit from the improved security it provides.
One of the key security benefits SDPs offer is that they operate on a zero-trust model; whereby the data users are unauthorised to see remains invisible. This means that in the event of an attack a hacker will only be able to see a small section of the network. They will also be prevented from spreading across the network as the compromised user or device can be sectioned from the rest of the business, without other users or businesses functions being negatively affected. This is in sharp contrast to VPNs where once a user, and therefore any attacker, enters one part of the network they have visibility over all data in the network, regardless of whether it is relevant to them or if they can access it.
Beyond minimising the attack surface, SDPs also offer improved access management. This is because SDPS automatically generate network access rules for short term use and delete them when they are no longer needed. As a result, the number of rules needed is minimised and network access control is restricted.
Invest in new technology to survive in the “new normal”
As lockdown measures begin to ease business leaders are stepping out into a world of uncertainty. Rather than being able to divert to traditional office-based set-ups and the technology they relied upon in the past, leaders will need to retain the agility COVID-19 has taught them, and continue to embrace flexible working and solutions that support it long-term. Unlike VPNs, SDPs will empower businesses to operate more efficiently and securely in a home or office environment. As such, they are a critical investment for any business that wants to survive in the “new normal”.
Author: Kurt Glazemakers, SVP, Engineering, AppGate