From macro to micro – why a 30,000-foot view of your enterprise and users’ security posture is no longer enough
09 November 2021
Many companies around the world are beginning to reopen the doors to their corporate headquarters and branch offices while still accommodating the preferences of those who wish to continue to work remotely, at least some of the time.
What’s keeping many IT security leaders awake at night is the need to create a secure and seamless hybrid working environment for their geographically distributed workforce.
Many are feeling on the back foot about a security perimeter that is porous after unprecedented pandemic-related mandates required them to enable an almost fully remote workplace in a matter of days. In many cases, additional infrastructure and tools were hastily deployed and security, while important, wasn’t altogether top of mind.
Time to hit the reset button
Now, with businesses reopening and many workers still working remotely much of the time, security is being brought front and center, with good reason.
How can organizations formalize and support – yet also secure – a distributed workforce going forward?
It’s time for them to revisit, assess, and, where necessary, replace their temporary solutions with a more relevant and flexible security architecture that supports a hybrid working model.
But this requires a different mindset, simply because the entire workplace and network topology and ecosystem have been fundamentally upended. Now there’s end-user geographic sprawl and device proliferation, not to mention the ubiquitous use of cloud-based applications and platforms that are being accessed in new ways.
It’s an expansive and complex environment that is challenging to manage and secure. Meanwhile, the cybersecurity threat landscape continues to evolve and become more ominous. Cybercriminals are refining their tradecraft and becoming more intentional and opportunistic in their tactics to exploit the hybrid workforce reality for their own nefarious purposes.
Many businesses have come to realize the uncomfortable truth that the traditional security measures upon which they’ve relied for years aren’t geared to provide the level of protection that’s called for in the new normal.
Additionally, given the complete metamorphosis of the enterprise attack surface, what used to be dependable threat intelligence mechanisms and data don’t reach nearly far enough. Now, there’s too much risk of false positives. How do you know which are real attacks? Which alerts or events do you prioritize?
New ways of work have resulted in a porous security posture. It’s time to think differently about security.
New frontiers in network security
Forward-looking organizations understand that it’s time to explore the new frontiers in security. As part of this effort, there’s an acceptance that it’s imperative to put the security posture of each and every user under the magnifying glass. In pre-pandemic days – when the corporate perimeter served as the ‘enterprise armor’ – a high-level, ‘30,000-foot’ view of individual users’ security postures was acceptable. Today, that approach will inevitably create heightened security risks.
To comprehensively address this security paradigm shift, the end-user and their devices need to be the starting point and end point of all enterprise security thinking and action.
Another consideration that must be included as part of this mind shift is user education. In the days when people used to work primarily from the office, many had a general sense of comfort that the company and its systems and protocols would automatically protect them from any lurking cybersecurity threats. And, in most cases, they would have been right.
Now, however, the twin challenges of security technology struggling to keep up with hybrid working arrangements and a lack of up-to-date end-user awareness make it all too easy for an employee to unwittingly click on a phishing email or make another act of poor judgment that could result in catastrophe.
How to get on the front foot
NTT’s advice to clients that are struggling to find their feet as they prepare to square up with the new face of security is to prioritize the following:
- A zero-trust architecture: By this, we mean that your network always anticipates the worst-case scenario. By default, it assumes everybody's unprotected, that networks are unsecured and that devices are unauthorized. Only by authenticating themselves through multiple security gates will users or devices be granted access to applications and data.
- Secure access service edge (SASE): This is a network architecture that brings together software-defined wide-area networking (SD-WAN) and security into a service that enables secure and fast cloud transformation. It brings a cloud-based approach to secure connectivity by brokering secure access between users and devices to the service edge and allows access to approved services and applications only.
- A ‘secure by design’ mindset: This means making security something that’s an integral part of every technology investment and deployment – rather than something that’s layered on as an afterthought.
- Services such as managed detection and response (MDR): These provide you with the ability to identify and isolate an infected end-point and the host quickly. Immediately, you know the source of attacks and can move quickly to take mitigative action.
Ultimately, going from macro to micro security is all about getting greater visibility and a more granular understanding of where the threats are, and being more proactive about preventing them from happening – irrespective of where your users are, the devices they’re using, the applications they’re accessing and where those applications reside.
NTT stands ready to work with you to close the gap between you and your end-users and move from a macro to a micro view of the security posture of each. So, speak to your client manager or get in touch.