4 steps to securing your networks in a hybrid workplace

by Gareth Watters

09 November 2021

Workforce connecting from everywhere

With your workforce connecting from everywhere, is your security strategy equipped to manage the evolving risks?

As we continue to maneuver through what is hopefully the tail end of the pandemic, businesses are trying to find the right balance between safety and productivity for their employees – their own cocktail of working from home, remote, onsite and anywhere – that we call the hybrid workplace.

As you plan, you’re likely wondering how to leverage cloud-based solutions to provide connectivity and access between users, applications, devices and data so your business can continue to function regardless of what hybrid ends up looking like. But no doubt you’re also making plans to manage your security and risk.

The number one question I hear from CISOs is: How can I assure the board that our business is secure and resilient to cyberattacks?

From a security operations perspective, you might be asking:

  1. What can I do myself versus outsource?
  2. Am I cost-effectively delivering network and cloud security?
  3. What network and cloud security technologies do I need to keep my hybrid workplace secure?
  4. What security capabilities and approaches (e.g., Zero Trust) should we consider?

Managing up and down requires situational awareness, data and insights. To know where you want to be, you will need to understand where you are now. Knowing your current and future desired state for security, visibility of your assets, as well as your organization's threat landscape and risk appetite provides the insights required to develop the strategy-aligned security roadmap.

Workforce connecting from everywhere

The hybrid workplace is creating additional complexities for security teams

As you approach this there are four critical foundations you need in place:

Architect modern networks with secure access service edge (SASE) solutions

Many businesses are swapping out expensive MPLS in favor of more cost-effective, faster and easier to deploy SD-WAN solutions. SASE offers cloud-delivered security (as-a-Service) capabilities to rapidly provision security in tandem with the SD-WANs being deployed by IT teams. SASE helps to ensure outbound, inbound and internal communications as well as data transfer are secure and encrypted. It’s a fundamental hybrid workplace enabler because it connects users, devices, applications, and data using business policies across any network.

Move beyond the perimeter, to cloud-delivered zero trust access for applications

Your applications are moving to the cloud if they’re not there already. The traditional on-premises perimeter hasn’t disappeared, but the software-defined perimeter has grown exponentially. Managing networks and security at scale and effectively has become a significant operational overhead with cloud teams commonly administering their own network access. Zero-trust network access (ZTNA) is a great solution that allows employees to work from anywhere using the internet. It provides continuous verification and access is monitored for any unusual activity and changes. It provides a scalable, cheaper, faster to deploy and easier to operate solution than VPNs, and avoids appliance-based network bottlenecks.

Outsource threat detection and response to scale effectively

With hybrid working, you’re more exposed, and continuous monitoring to ensure the early detection of threats across your network is critical to reducing the impact of a breach. Services like Managed Detection and Response combine 24/7 monitoring, security expertise (hard to find in this market or cultivate yourself), threat hunting and detection, to discover hard-to-find threats, disrupt complex and sophisticated cyberattacks, and improve cyber-resilience. Outsourcing to the likes of an MSSP not only gives you this capability but helps you if you need to adapt to more remote, more onsite working, etc. They’ll have better intelligence capabilities and can scale in response to threats too.

Make sure security training is more than just a tick box exercise

According to our 2021 Global Threat Intelligence Report, cybercriminals recognize the opportunity in targeting remote employees. They know they’re more vulnerable while working from home and are a reasonable way to gain entry to your business. Enabling them to be a human firewall will help keep attackers out of your network.

Call to action:

For help with securing your hybrid networks, get in touch.

Gareth Watters

Gareth Watters

Cybersecurity GTM Strategist