Bringing speed and security together in the cloud
In companies all over the world, the pandemic has reignited a longstanding dilemma—providing an exceptional user experience while maintaining security standards. Reconciling the dual aims of speed and security for employees working from home is difficult. Even so, providing employees with fast, secure access to applications should be a top…
In companies all over the world, the pandemic has reignited a longstanding dilemma—providing an exceptional user experience while maintaining security standards. Reconciling the dual aims of speed and security for employees working from home is difficult. Even so, providing employees with fast, secure access to applications should be a top priority for any company—regardless of where those employees are working. The answer to this dilemma is in the cloud.
As more staff switched to working from home in the wake of the pandemic, the often-competing goals of companies’ network and security teams resurfaced. Traditional systems require a range of security checks that restrict the flow of data through the network. This restriction leads to latency and slows access to applications, most of which are now in the cloud. These delays propel users to leave the security of the network in search of a better experience.
Working from home—a challenge for networks
Before the pandemic, countless firms found themselves in a similar situation: their local networks, delivered via traditional cables plugged into the wall, provided their staff with connection speeds comfortably in the gigabyte range, with security hardware at the perimeter of the network ensuring secure access to applications hosted in data centres. However, with applications increasingly migrating to AWS or Azure, the demands on networks increased as cloud-bound traffic volume grew.
When the pandemic struck, most firms’ systems could provide remote access via VPN to about 30 per cent of the workforce. So, it was no surprise that most companies found themselves underprepared when most of their employees were suddenly working from home. Their VPN capacity was far too small and the bandwidth constraints they were already dealing with worsened, as traffic from remote employees was fed into the company networks before being routed to applications in data centres or the cloud. Of course, these applications then had to be fed back in the other direction through the network to users working from home—all of which led to slow performance and frustrated users. The pandemic work landscape proved that the legacy model lacked the scalability and flexibility to serve an organisation’s changing needs and workflows.
Many firms resorted to a short-term workaround for the lack of VPN licences and bandwidth by suspending some security policies and allowing staff to connect directly to the internet, with the VPN being reserved for those accessing internal data centres. This split tunnel model provided users with fast connections, but it neglected the need for secure connections—opening organisations to significant risk.
In September 2020, ThreatLabZ, the Zscaler global security research team, reported on a rising number of malware threats targeting employees working from home. The research showed a 400 per cent increase in remote desktop protocol (RDP) brute-force attacks identified and blocked across the Zscaler global security cloud, and a 2,000 per cent increase in Zoom-based malware attacks. The report also noted that employees had clicked on three times as many phishing scams related to the pandemic than in the previous month.
In the landscape of a global pandemic, increased cyberthreats, and a growing remote workforce, Zscaler, the secure digital transformation experts, enlisted Atomik Research to examine the interplay between digitalisation and security in the era of work-from-anywhere. The 606 companies surveyed across the EMEA region provided key insights into how organisations are adapting to their new reality, including the fact that only 35 per cent claimed to be confident in their ability to provide remote workers with secure access to the business applications they need to do their jobs. Some other findings include:
- 29 per cent reported doubts about their remote access systems’ security
- 30 per cent are using remote access VPNs and a third are using RDP solutions
- 19 per cent deployed an identity and access management (IAM) solution
- 17 per cent had introduced a system based on zero trust
When we consider that almost half of the companies surveyed expect the number of staff working remotely to rise by between 25 and 50 per cent, there is a clear need for action, and a third of the organisations reported that they are looking at new solutions.
Cloud-based security offers a solution
Given the lurking danger posed by cyberattacks, many companies ask themselves how they can provide both security, and speed, without having their security and network teams at odds and, in fact, enabling both to achieve their goals. For most organisations, cost is an issue, but it’s not the only one. Buying and deploying new systems is complex and time-consuming, and companies cannot wait months for backordered hardware to arrive. Workers at home need comprehensive security now to minimise corporate risk.
The short-term workarounds that organisations employed at the beginning of the pandemic must be replaced by future-focused models that serve network and cybersecurity teams’ requirements, by providing workers with fast, reliable, and secure access to their applications wherever they are hosted. Cloud-delivered security enables such access while providing the scalability required to support large numbers of employees working from home—or anywhere. It allows companies to reduce the load on their networks while improving security and the user experience.
Gartner’s secure access service edge (SASE) framework is the cloud-based security model that takes speed and security requirements equally into account. More than one-third (36 per cent) of European companies surveyed have experience with the SASE approach, which uses identity-based policies to provide users with direct access to their applications. It pushes services close to users, wherever they may be, to avoid the latency created by routing data across the network and through a regional gateway, which may be hundreds or thousands of kilometres away.
The dilemma between speed and security is no longer a zero-sum game. Security and user experience must be on an equal footing, which means bringing together network and security requirements. The expertise needed to bring these two opposing worlds together already exists, as demonstrated by the encouraging popularity of new security systems based on the SASE model.
By Wolfgang Hustädt
Wolfgang has more than 26 years of experience in the network and security sector and helps companies to solve complex IT-infrastructure problems on their journey to digital transformation. He bridges the gap between network and security requirements, gaining knowledge from past employments at cyber security vendor companies, as well as running his own network and security consulting firm. As Solution Architect at Zscaler he is accompanying customers in designing future-proof network and security infrastructures based on the SASE framework.