As the world begins to open up following a year of shut-downs and enforced remote working, IT administrators and security teams find themselves facing a totally new landscape.
The day that the remaining COVID-related restrictions were lifted in the UK – or ‘Freedom Day’, as it came to be known – has ushered in a new age in the way that we conduct business. But not everything will return to the way it was pre-pandemic.
Even though the government is no longer instructing people to work from home, many businesses still do not plan to rush back to the office. In fact, 84% of UK businesses plan on making a permanent change and implementing a flexible or fully remote strategy moving forward. With companies like Adobe, Deloitte and Asda granting their employees the ability to work from wherever they like, it’s clear that the future of work for many will be hybrid.
While hybrid working isn’t a totally new phenomenon, with many organisations looking beyond their on-premise infrastructure for years, there is no doubt its popularity has been accelerated by the pandemic. The speed at which this acceleration has taken place has left many security teams struggling to keep up. After all, securing a clearly defined IT landscape can be challenging. Securing an IT landscape without clear boundaries makes the job 10 times harder.
A new working era will bring new challenges
In a traditional office-based environment, all IT infrastructure will typically sit in one or more regional or centralised data centres, which makes it easier to secure with centralised security solutions. But, in our new hybrid world, the digital attack surface has expanded significantly. IT teams now need to juggle making sure that staff are set up with systems that are optimised for the cloud, alongside effectively securing any devices they are using. The adoption of new cloud and network solutions, as well as the working practices needed to support hybrid work, is raising a unique set of challenges, many of which are centred around visibility.
For example, many individuals tend to be naturally less risk-averse when not in the office. Some will willingly use their work devices to engage in behaviour that they might think twice about in the company of their colleagues, such as browsing social media, shopping or streaming entertainment services. What many will not realise is that this use of insecure Wi-Fi connections, unsanctioned applications, and browsers with insecure plug-ins has the potential to compromise the whole business network.
Whether due to a lack of resources or personal preference, hybrid work is also likely to encourage some employees to use their own devices to access corporate networks. Personal devices that are unknown to the IT team can let in shadow IoT threats through lateral compromise. Given that IT teams can’t easily enforce corporate security policies on devices and applications that sit outside of their infrastructure, each device is a potential landmine, just waiting to go off.
And it’s not just the device which employees are working directly on that poses a problem. The average home today has 11 IoT devices connected to its network. Each of these devices will be unknown to the IT team and, as such, provide a vector through which malware can enter an employee’s home network and then move laterally to infect the corporate network as well. Given that businesses can’t easily enforce corporate security policies on devices that sit outside of their infrastructure, this opens up the floodgates and puts businesses at increased risk from attacks such as phishing and malware.
Cybersecurity in a hybrid world
It’s clear that organisations need to take this time to embrace a more strategic approach to security, rather than hanging onto a network model that isn’t compatible with our new hybrid environment. There is no longer a centralised data centre with everything around it, and security practices and training need to reflect this.
IT administrators can no longer afford to look at networking and security as two separate entities that have minimal bearing on each other. IT management and security go hand in hand, and changes in the architecture must be viewed directly from a security perspective. In other words, businesses should always consider how current security policies must be adjusted if a particular innovation is implemented. The entire borderless network must be considered in each and every security decision.
Modern security technologies, such as DNS (Domain Name System) tracking, can help. DNS enables companies to increase visibility and prevent unwanted intruders, no matter where employees are based. It is a core network service, which means that it touches every device that connects to a company’s network and the wider internet. Because of this, it doesn’t rely on a device being authorised or known to the IT team. As a result, DNS has the power to see every connection point in the network at all times. Merging DNS with DHCP (Dynamic Host Configuration Protocol) and IPAM (IP Address Management), a combination known as DDI, helps IT teams detect threats at the earliest stages, identify compromised machines and correlate disparate events related to the same device.
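The correlation described above, shown as an added example (not from the original article or any vendor product): DNS query logs are joined to DHCP lease history so that blocklisted lookups are attributed to a device (MAC address) rather than to a transient IP. The log layouts, addresses, hostnames and blocklist are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample data. DHCP leases: (start, end, ip, mac, hostname)
LEASES = [
    ("2021-07-19T08:00", "2021-07-19T12:00", "10.0.5.20", "aa:bb:cc:00:00:01", "laptop-17"),
    ("2021-07-19T12:00", "2021-07-19T18:00", "10.0.5.20", "aa:bb:cc:00:00:02", "phone-03"),
    ("2021-07-19T12:30", "2021-07-19T18:00", "10.0.5.41", "aa:bb:cc:00:00:01", "laptop-17"),
]
# Constructed DNS query log: (timestamp, client_ip, queried_name)
QUERIES = [
    ("2021-07-19T09:15", "10.0.5.20", "c2.badsite.example"),
    ("2021-07-19T13:05", "10.0.5.20", "intranet.corp.example"),
    ("2021-07-19T13:40", "10.0.5.41", "c2.badsite.example"),
    ("2021-07-19T14:00", "10.0.5.99", "updates.badsite.example"),
]
BLOCKLIST = {"badsite.example"}  # hypothetical threat-intel domain
ts = datetime.fromisoformat


def device_for(ip, when, leases=LEASES):
    """Return (mac, hostname) that held `ip` at time `when`, or None."""
    for start, end, lease_ip, mac, host in leases:
        if lease_ip == ip and ts(start) <= when < ts(end):
            return mac, host
    return None


def is_blocked(qname, blocklist=BLOCKLIST):
    """Match the name itself or any parent domain against the blocklist."""
    labels = qname.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))


def blocked_hits_by_device(queries=QUERIES, leases=LEASES):
    """Group blocklisted lookups by MAC; IPs with no lease are 'unattributed'."""
    hits = defaultdict(list)
    for when, ip, qname in queries:
        if not is_blocked(qname):
            continue
        dev = device_for(ip, ts(when), leases)
        hits[dev[0] if dev else "unattributed"].append((when, ip, qname))
    return dict(hits)


if __name__ == "__main__":
    for device, events in blocked_hits_by_device().items():
        print(device, events)
```

The two hits from `laptop-17` arrive from different IP addresses and would look unrelated in the DNS log alone; the `unattributed` bucket surfaces clients that never took a lease.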
Every day, an increasing number of businesses are announcing plans to incorporate hybrid working as part of their future strategy. For those that wish to make the shift a successful one, defending the network edge must be a priority. Therefore, security and networking teams need to join forces in order to implement technologies and policies that will ensure the best protection against malicious attackers.
Keith Glancey
Infoblox