Impact of Remote Work In addition to rising threat leve […]
Impact of Remote Work
In addition to rising threat levels, remote work trends have exponentially increased the access pathways into company systems and processes.
Kevin Dunne, president at Pathlock, a provider of unified access orchestration, points out remote workforces require users to be able to access applications behind a firewall from anywhere in the world.
“Many organizations have shifted their applications to the cloud to ensure easier access for a remote workforce,” he explains. “This new paradigm requires more consideration of how users can be granted access, and how security teams can monitor what users are doing with the access they’ve been granted.”
Dunne says when explaining the benefits of a zero-trust model, IT leaders should clearly outline the costs of potential breaches.
Furthermore, with IT systems critical to business operations, even an hour of downtime can incur millions of dollars in cost for large enterprises.
“IT leaders should make sure to highlight the benefits of a zero-trust model in preventing application downtime by reducing the ability for insiders and outsiders to perform actions that cause harm to critical IT systems,” Dunne says.
Kovalev adds the benefits of zero-trust should be part of ongoing cybersecurity education, which also includes ransomware, phishing, and deep fakes.
From his perspective, it is crucial to take preventative measures against cyberattacks, and not create an environment that is antagonistic to employees.
“For zero-trust to have employee buy-in, it should be easy to use and not cause any disruption,” he says. “Employees should be made aware that the policy not only protects the organization, but also the individual and their home network and devices.”
Shifts to the Cloud
Dunne says he expects to see more and more applications shift to the cloud, along with more bad actors attacking the critical IT systems of large enterprises.
“As complexity grows, zero-trust will become a core pillar to defending the enterprise and ensuring business continuity,” he says.
From Bird’s perspective, when it comes to zero-trust and identity, it isn’t a matter of what the next technology is that you need to buy.
“It is a matter of exhibiting discipline and eliminating the rationalizations you are making for why you refuse to enforce high- quality controls--like strong authentication -- across your entire digital estate,” he says.