The remit for most UK IT professionals changed overnight when the country went into lockdown back in March. No longer are the majority of employees working within the security perimeter of the traditional office space. Instead, corporate defenses disappeared and we entered the Wild West that is an 80 percent remote-workforce.
Thousands of endpoints suddenly needed to connect to the corporate network and, unsurprisingly, with this surge in demand came much greater risk. Not only were IT teams responsible for making sure staff were set up with the right equipment and those systems were optimized for the cloud, but teams found themselves scrambling to make sure employees had basic security protections wherever they were located. This came at a time when the industry was facing an unprecedented lack of cybersecurity skills. From 2014 to 2018, the number of organizations with a problematic shortage of skilled cybersecurity workers grew from 23 percent to 51 percent, according to a global survey from ECG.
For many IT teams, the goal was to keep the lights on and to take a ‘connectivity first’ approach. However, for long-term success, IT teams need to pair functionality with security and consider what changes they need to make due to the compromises they made in the tough times.
Why IT teams are feeling the pinch
It’s clear that Covid-19 has challenged the existing security infrastructure in place for remote-working. A study found that 89 percent of IT professionals said Covid-19 has been a stress test for every security policy within their organization. Top areas of growing concern include: employee home network security (58 percent); increased ransomware, phishing, and social engineering attacks (45 percent); keeping remote systems configured securely (41 percent), and keeping remote systems compliant (38 percent).
Remote connections have exploded over the past few months, putting strain on the corporate network and significantly widening the threat surface. Unsanctioned applications and devices on the network – otherwise known as ‘shadow IT’ and ‘shadow IoT’ threats – are becoming a major concern for security professionals because IT teams can’t easily enforce corporate security policies on devices and applications that sit outside of their infrastructure.
One of the consequences of the rise in shadow IoT devices, in particular, is the doubling of distributed denial-of-service (DDoS) attacks over the last 3 years with over 17 million reported across the globe in 2020.
No industry is immune to the challenges that come with the explosion of remote connections on company networks. Schools, in particular, have seen a pressing need for solutions that extend network security to remote users, as the Covid-19 pandemic has forced millions of students to learn from home. Even railroad companies like Japan’s Keio Corporation are searching for ways to more accurately identify and mitigate threats, including SEO poisoning attacks and malware.
Employees are naturally less risk-averse at home, and the use of insecure Wi-Fi connections, unsanctioned applications, and browsers with insecure plug-ins add to the workload for IT and cybersecurity professionals.
Re-thinking our security approach
Covid-19 has taught sceptics of the de-centralized network security model a harsh lesson. What were perceived as short-term disruptions are permanent changes to the way we work. Those that had already embraced edge networking were much better placed to cater to this rapid shift.
Organizations need to take this time to embrace a more strategic approach to security rather than hanging on to a network model that isn’t compatible with our cloud-based environments. When it comes to networks, there is no longer a center with everything around it, and security practices need to reflect this. Security protocols for the remote edge are no longer ‘nice to have’; instead, they need to be expanded across the entire network.
There is also a more human element at play here. With a remote workforce, IT teams, who once had physical access to employee machines, find themselves addressing issues remotely. Research found that when it comes to network security, one of the top concerns for 28 percent of UK IT professionals is the lack of skilled staff. In the absence of on-site accessibility to protect the network from the unknown, organizations need to increase skills-training for the wider team, as this will become a crucial component in strengthening enterprise cyber defenses.
Lack of cybersecurity training across organizations will leave UK businesses at risk, as technology solutions deployed in isolation won’t save a network from the threats of shadow IoT. Technology partners that remain on-prem and in the cloud not only drive IT delivery and management, but they also help free up stretched resources in order to automate critical processes. This includes provisioning, alerts and management of events.
How technology can help lighten the load
Many businesses were forced to deploy quick-fix solutions in the rush to prevent further strain on corporate networks and IT professionals. However, longer-term investments that deliver more holistic security will actually be more beneficial in freeing up a team’s time.
IDC reports that 95 percent of IT decision makers deploying SD-WAN (software-defined networking in a wide area network) in the next two years are looking to simplify and add agility to their branch office networks. While SD-WAN has its uses, a cloud-managed DDI platform is a step up from SD-WAN in that it extends simplicity and protection to the enterprise’s edge and creates a strong foundation for both networking and security infrastructure.
By merging DNS (Domain Name System), DHCP (Dynamic Host Configuration Protocol), and IPAM (IP Address Management), DDI provides visibility and security from the network core to address the growing threats that come with remote work. This is empowering thousands of organizations to increase efficiency while reducing risk. DDI can identify threats at the earliest stages and automate the provisioning of security services on remote endpoints, which removes the need to ship devices back and forth for on-site patching. This is imperative for businesses to diminish the strain on IT professionals, as the lightweight and agile microservices architecture will allow organizations to execute these DDI functions without deploying dedicated hardware to all employees. This will in turn free up IT professionals for other tasks.
For example, universities have been facing this issue for decades. The student body refreshes every year, meaning thousands of new devices are always being added to the network. With disparate systems, it is very easy to miss something that is happening on your network, so it’s imperative that IT teams have the ability to scale to meet the needs of their ever-changing population. DDI provides IT teams with the resources to monitor, detect and remediate malicious threats automatically and more efficiently whilst also ensuring 100 percent uptime.
As the UK begins to level out, organizations need to start investing the time to future-proof their security strategy and invest in technology that will lighten the load of IT teams in the long run. Defending from the network edge will be critical in combating emerging threats brought about by remote working, and using core infrastructure like DDI as the security control plane will enable organizations to stop and remediate attacks before they cross over from the home to the corporate network.
Malcolm Murphy, Technical Director, EMEA, Infoblox