The ability to work from anywhere isn’t new. But a global pandemic has made it a widespread standard and it’s clear that where and how people work at the office, at home or on the road has fundamentally changed hybrid workplace security.
Regardless of where an employee works, one thing holds true: most cyberattacks are due to human error. People click the wrong thing, misconfigure environments and, when no longer working at a corporate office, are an exposed extension of your new attack surface.
How to achieve a secure access environment
Between managing distributed people and IT assets, what is the best way to achieve hybrid workplace security? Let’s look at the factors to consider when forming a comprehensive security plan and the best secure network access tool to pull off the job.
Security risks that come with a hybrid workplace
It’s not just that an employee can log in from a coffee shop or airport public network. It’s that every employee is logging in from a different network and the assets they’re trying to access may be in a public or private cloud, a data center, or in a dusty, yet still used, mainframe. Hybrid workplace security quickly becomes complicated and enterprises now face several challenges, including:
- Old defenses in a new battleground: IT teams have had to scramble with outdated network security tools as companies digitally transform. According to a Forbes survey, “76% of companies adopted cloud services faster than they had planned, which unintentionally increased attack surfaces and created security gaps for hackers.” It’s not enough to just update IT infrastructure. You need modern defenses. Anything with “default allow” like VPNs or NACs is simply too risky.
- Legacy workloads: Under digital transformation initiatives, organizations don’t always migrate everything to the cloud and it’s not feasible to do it all simultaneously. Therefore, legacy infrastructure remains a critical enterprise IT mainstay that also requires modern secure access. According to Deloitte, 72% of organizations are planning upgrades to their mainframe in the next three years.
- Compromised devices: Securing a network was difficult enough without adding an exploding number of unmanaged devices driven by work from anywhere and bring your own device (BYOD) policies. If a compromised device accesses the network, an internal vector attack is much more likely. According to one report, 47% of organizations cite an increase of personal devices being used for work and 82% said they now actively enable BYOD to some extent.
- Third-party access: Just like human error, third-party access is a security risk regardless of whether that person is on-premises or remote. Traditional network security measures, like insecure VPNs, give third parties all-or-nothing access, which makes them an easy target for bad actors. More than half of organizations in one survey reported data breaches via third parties.
- Cloud access: There are many ways enabling the cloud makes things easier, but security is often an afterthought for DevOps teams and other divisions that prioritize agility and productivity. Secure access permissions are likely broad and static, because managing fine-grain policies across dynamic multi-cloud environments is complex. According to Flexera’s 2021 State of the Cloud Report, 92 percent of enterprises have a multi-cloud strategy and 82 percent have a hybrid cloud strategy. This can lead to siloed security controls and a hefty manual access management process.
How to secure access for the hybrid workplace
With assets and employees rarely in the same place at the same time anymore, it's time to secure access for the hybrid workforce because the new perimeter is people, not offices. Zero Trust Network Access (ZTNA) is the ideal solution for secure access with simple, fast, secure user connections from anywhere to multi-cloud, on-premises or legacy applications. By 2024, at least 40% of all remote access usage will be served predominantly by ZTNA, up from less than 5% at the end of 2020.
ZTNA utilizes a range of identity-centric and connect-based parameters to authenticate users and grant secure access. It grants the least privilege access possible to limit lateral movement, integrating with other security systems to safeguard the entire enterprise IT ecosystem and secure your hybrid workforces and workloads.
To have the most comprehensive hybrid workplace security plan, you need a solution that tackles the human error issue. A rugged Zero Trust Network Access solution leverages a software-defined perimeter (SDP) architecture to accomplish that.
Upgrade your hybrid workplace network security
Only a robust ZTNA solution, like the industry-leading Appgate SDP, can scale to meet cloud and hybrid workplace requirements for uniform access from any location, including on-premises. Appgate SDP is flexible and agile Zero Trust security built on five core design principles:
- Cloaked infrastructure: uses a sophisticated form of single packet authorization (SPA) to make your network invisible with no exposed ports
- People-centric: adapts access based on user, device, application and contextual risk, building a multi-dimensional identity profile before access is granted
- Dynamic and continuous: live entitlements that automatically modify access in near-real time based on changes in context and risk, so security risks are automatically blocked
- Microperimeters: using patented multi-tunneling technology that microsegments users, workloads and resources providing least privilege access to limit lateral movement inside the network
- Programmable and adaptable: extensible 100% API-first technology that enhances and integrates with your tech stack and builds security directly into the fabric of business processes and workflows
Appgate’s Secure Access Solution for the Hybrid Workplace
Appgate SDP has been named a Leader in the The Forrester New Wave™ Zero Trust Network Access, Q3 2021receiving a differentiated rating, the highest possible, in six criteria including deployment flexibility, non-web and legacy app support, ecosystem integration, client support, connector capabilities and product vision. Additionally, in the Nemertes Real Economic Value study, Appgate SDP customers reported a 119% average increase in accelerated digital transformation initiatives, a 9.5 out of 10 rating for “most strategic to Zero Trust” and an average 66% reduction in help desk tickets.
Interested in learning how to secure access for your hybrid workforce? Review these additional resources:
eBook: Securing the Hybrid Enterprise
2021 Zero Trust Market Dynamics study, expert Q&A with Dr. Chase Cunningham
Whitepaper: Today’s Top Cyberthreats and how ZTNA Defends Against Them
Infographic: Securing the Hybrid Enterprise
Blog: How Hybrid Workplaces and the Human Factor Create New Security Dilemmas