The Office Workplace ln The Hybrid World

The pandemic has redefined what it means to have a team in the office. In today’s typical work environment, a ‘team’ now involves collaboration between employees across multiple locations and settings.

However, with that comes a new challenge: securing this worldwide office. For example, cyber attacks have risen by 238% since the start of the pandemic and home workers have become the primary target of cyber criminals.

It’s increasingly important for leaders to ensure a consistent office experience regardless of where the workforce is. Enterprise IT governance needs to adapt to this new paradigm with businesses treating management of remote workers as a priority.

The Ability To Work Securely From Anywhere

In the past, corporate IT security would trust every user equally inside their network mainly driven by office-based employees accessing the corporate networking environment from traditionally “safe” locations. As a result of remote working, one key shift that business leaders should consider is “zero trust “networking.  

Zero-Trust Network Access (ZTNA) works by granting access to networks based on the identity of the user and their context (e.g. which applications being accessed). Users are first classified based on their business roles and the levels of access they require. Next, the context of the request is assessed – like where the user is connecting from, through what device, and whether the device is secure. The key aspect of ZTNA is the concept of “never trust, always verify” which means the user access session is continuously verified.

This way, users can access their resources quickly and efficiently, no matter where they are. At the same time, IT leaders can maintain a zero-trust approach across their entire network for enhanced security of vital corporate IT and data resources.

Adopting these frameworks will result in increased agility, resilience and reliability, as well as the ability to prioritize traffic to key applications and securely access SaaS and cloud applications across the Internet. Given the effective access security, it will also provide a good user experience for employees, allowing them to work securely regardless of location.

Deep Understanding Of User Habits & Organizational Needs 

It is critical to strike the right balance between user access management and effective, secure remote access to on-premises resources, hybrid cloud environments, and business applications. But before initiating any policies to do so, leaders need to run a deep audit to continually review and assess their internet-based and cloud-centric application environment and understand how their end-users engage with them. 

Adoption of ZTNA takes some consideration around tailoring the capability to the specific needs of the organization. IT leaders should use this opportunity to question everything, from the organization’s information and communications technology strategy to current IT governance – and, in the process, identify gaps and opportunities to enhance. 

A More Educated Remote User

The single best tactic for keeping confidential data safe is remote user awareness. Keep employees informed – not only about what they should do but also about why they need to do it. And if done right, you’ll set the organization up for success. 

Training materials should focus on the employee’s understanding of the importance of data security and cyber hygiene. Leaders should also consider defining an Acceptable Use Policy, so employees know what websites, apps and networks are permitted for accessing data.

A network with more intelligence at its edge that balances performance with user, device and application security management will be key to navigating the new hybrid way of work and ensuring a ubiquitous office. To succeed in this current era of work, companies must adapt their networking approach to this new distributed environment to avoid putting the productivity of employees and the security of their business at risk.

Samir Desai is VP of product management at GTT

You Might Also Read: 

Building An Identity-First Security Strategy:

____________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« The Virtual & Real Cybersecurity Threats In The Metaverse 
Big British High Street Retailer Attacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

Panaseer

Panaseer

The Panaseer Security Data Lake is a big data analytics software platform providing joined-up visibility of business risk from cyber.

NDIA - Cyber Division

NDIA - Cyber Division

NDIA Cyber division’s contributes to US national security by promoting interaction between the cyber defense industry, government and military.

UL

UL

UL is a safety, security and compliance consulting and certification company. Areas covered include cyber security.

Cyber8Lab

Cyber8Lab

Cyber8Lab provides cybersecurity training programmes simulating real world cybersecurity incidents such as web defacement, malware, phishing, digital forensics analysis and wireless intrusion.

Escrypt

Escrypt

Escrypt - Embedded Security is a pioneer and one of today’s leading solution providers for embedded IT security.

Total Defense

Total Defense

Total Defense solutions include anti-malware, anti-virus, intrusion prevention & mobile security.

WhiteSource

WhiteSource

WhiteSource is the only all-in-one security, compliance, and reporting solution for managing open source components.

Pluribus One

Pluribus One

Pluribus One develops customized solutions and other data-driven applications to secure your business and your devices.

UKAS

UKAS

UKAS is the national accreditation body for the UK. The directory of members provides details of organisations offering certification services for ISO 27001.

Cyberstarts

Cyberstarts

Cyberstarts’ vision is to become the leading platform for amazing teams of entrepreneurs to solve the next big problems of the cybersecurity world.

Avertium

Avertium

Avertium is the managed security and consulting provider that companies turn to when they want more than check-the-box cybersecurity.

JM Search

JM Search

JM Search’s Information Technology Executives Practice sources the most sought-after technology roles including CIO, CTO, CISO, CDO and other senior posts.

Nu Quantum

Nu Quantum

Nu Quantum is developing quantum photonics hardware to power the quantum revolution in communications, sensing and computing.

Qualcomm Technologies

Qualcomm Technologies

Qualcomm invents breakthrough technologies that transform how the world connects, computes and communicates.

BugDazz

BugDazz

BugDazz pentest as a service (PTaaS) platform helps bringing in real-time results, detail coverage, & easy remediation workflows with compliance-ready reports.