While VPNs have their uses in securing the traditional workplace, will they suffice in a neo-distributed workforce? This expert says No.
The future of work is here, and it is ‘hybridized’.
While many organizations are rushing to give employees new productivity and collaboration tools, not all have considered how these will impact their IT complexity and data security.
With employees accessing confidential data from various devices, locations and networks, the attack surface has been expanded for bad actors to infiltrate. According to a study by IBM, the average cost of a security breach has increased to US$2.71m per organization across South-east Asia, compared to $2.62 million in 2019.
Just as organizations have had to rethink their work models, so must IT teams rethink security strategies. What has become evident is that, in this new world of work, organizations must look beyond traditional, VPN-based solutions limited in ability to scale and secure.
The Zero Trust approach
For IT leaders, there is no better time and opportunity to build a secure and flexible workplace. As the workforce embraces remote work in the long term, organizations must continue to invest in technologies that support the business, its data and its people.
Advanced technology has enabled sophisticated cyberattackers to take on the identity of an employee or their devices, hacking into internal networks and stealing important information. This has been exacerbated by remote work as employees are scattered across the globe with multiple access points and devices. For IT teams, rapidly expanding visibility across the organizations growing network can be daunting.
A Zero Trust approach enables secure access for all applications and devices, without assuming trust between any applications, devices or persons, until proven otherwise. As such, organizations will only grant access to people or devices after they have been checked and verified. Additionally, this approach is an ongoing surveillance process throughout the user interaction rather than just during initial login process.
Empowering employees with a flexible workspace
Traditional VPN solutions require employees to enter their username and passwords to gain access to confidential data. However, as most employees have to go through multiple logins to get to their applications, IT teams have to manage multiple vendors and multiple products, causing added stress and disrupting productivity.
According to a study done by Pulse and Citrix, 97% of security leaders globally believed that employee experience had an influence of the organization’s security strategy. With this in mind, improving user experience had topped the list (75%) of things leaders would like to change through their security strategy.
One way to improve employee experience is by implementing Zero-Trust-based access. This means using identity access management solutions like SSO (Single Sign-On), SaaS (Software as a Service) and web apps to provide security controls.
For example, an organization can use watermarks on SaaS pages that have critical and highly sensitive information, to prevent copying data. Ultimately, this prevents user and corporate data from being stolen, as well as access to malicious links embedded in these applications. This will not only give IT teams peace of mind but also free up valuable time, allowing them to focus on more important task to support business growth and strategy.
For employees, applying the zero trust approach will replace a user experience filled with distractions, context switches and complexity to a more seamless one. This way, employees feel empowered to focus on what they do best, increasing productivity and employee experience.
In the post-pandemic world, it is imperative to create a robust IT environment that protects data and empowers employees, no matter where they are working from. Only then can organizations start reaping the full benefits of the hybridized work model.