As the world’s businesses had to regroup and rethink their business-continuity strategies at the beginning of this year, organizations had to quickly transition to a remote workforce. Seemingly overnight, business processes and the technologies used to accomplish those processes changed. With the onset of the global pandemic, business could no longer be carried out safely or effectively on-premises.
With this abrupt change, the security solutions, policies, and other details of the entire IT operations strategy could no longer be carried out as they had been before. In this post we will take a closer look at why traditional security technologies are no longer effective, and at how businesses can overcome traditional IT technology limitations with the remote workforce.
Why traditional security technologies are no longer effective
Enterprise organizations have long used traditional security processes to ensure a consistent enforcement and deployment across on-premises landscapes. These technologies are often built around the Microsoft ecosystem of traditional on-premises toolsets. What products and solutions are we referring to?
- Microsoft Active Directory Group Policy
- Microsoft Windows Server Update Services
- Traditional on-premises remote assistance tools
Why are these tools no longer effective or relevant for the remote work strategies that organizations across the globe have embraced? To understand why a different approach is needed, let’s take a look at the client/server model these tools were built around and the requirements that come with it.
Traditional infrastructure is built on the client/server topology, the operating model that organizations have used for decades. With this model, you mainly have an on-premises environment containing the server workloads, with clients that also exist on-premises.
With on-premises environments, there may be multiple “sites” that are connected via high-speed WAN links. However, for the purposes of the logical design, all sites that exist in the traditional infrastructure environment are “on-premises” and contain “internal” resources that can only be reached by other nodes that are inside the traditional on-premises network. A typical layout of a traditional corporate network may look something like the following.
The traditional network, or the way that servers and clients communicate with one another, has quickly changed with the onset of the Covid-19 pandemic. With the quick transition to a distributed workforce that exists across multiple networks outside the corporate network, the traditional communication model between client/server systems, and by extension traditional IT security technology, is no longer possible.
Remote clients are now located outside the corporate firewall. True on-premises client/server communications are no longer possible, since typical intra-site communication protocols and traffic are not permitted through the firewall from off-premises to on-premises servers and vice versa.
Compared to the traditional network configuration before the start of the pandemic, remote clients are no longer within the internal network boundaries. Managing clients with a WSUS server, Active Directory Group Policies, and other traditional client management tools used for security scanning, monitoring, and enforcement of on-premises clients is no longer feasible.
One of the traditional ways that organizations have attempted to solve this problem is by using VPN connections from the client side back to the corporate network, “placing” the remote clients back on the corporate network so they can be managed. However, this approach leads to its own set of problems and security concerns. VPN connections do not scale very well. Also, placing a remote client on the corporate network by way of a VPN connection exposes the corporate network to any number of risks, including potentially unwanted programs that have been installed on the end-user client. Data exfiltration also becomes a concern: remote workers have the ability to copy business-critical or sensitive data from the sanctioned corporate environment to their personal devices or even a personal cloud environment. None of these risks are desirable.
It becomes technically very challenging to continue to use traditional tools for security and patching when workers are connecting remotely. If VPN is not used and the client is not under the management of traditional tools like WSUS, Group Policies, and other client management solutions, organizations must transition their approach to security management. They must use tools that, unlike traditional security solutions, do not depend on adjacent network connectivity.
How can organizations overcome these challenges and still provide a secure, manageable, policy-driven environment for remote workers?
Cloud IT security management
As discussed, one of the main limitations with the traditional security technologies and tools that have been used for years to manage end user clients is connectivity. Server resources and tools that are used to perform IT security management for the organization require connectivity to the endpoint on the same internal, adjacent network. This simply does not work for the state of affairs today, with clients spread across any number of networks and home office environments.
To remain effective and meet the challenges that are faced today due to the pandemic, organizations must leverage powerful cloud IT security management tools that are not limited by the challenging network requirements of on-premises, traditional tools. What advantages come with deploying and using cloud for IT security management?
Cloud IT security management brings the following benefits:
- Generally provided as Software-as-a-Service offerings
- No expensive server infrastructure to maintain or manage lifecycles
- Allows shifting from CapEx to OpEx expenditures
- No challenging network requirements; generally only a simple SSL egress connection is required
- Many offer a simple agent that can easily be installed even on remote endpoints
- A cloud IT security agent deployed on the remote endpoint can inventory software and hardware, perform updates for both Windows and third-party applications, and enforce policies, to name a few
With today’s heavily distributed workforce and no end in sight, organizations must transition to the new normal of a mainly remote workforce. This underscores the importance of engineering solutions that are no longer bound by the requirements of on-premises, traditional infrastructure and network connectivity.
Cloud IT security management solutions allow organizations to remain nimble and flexible in their remote work capabilities and offerings. At the same time, they keep remote workers secure and business-critical data safe. In this way, no matter what network a remote worker is on or where they are located, security management, patching, and other extremely important operations can continue seamlessly and without issue.
Brandon Lee, Cloud-based Endpoint Security Management Strategist, Action1