By Mike Riemer, Pulse Secure, Global Chief Security Architect
The Future of Work post COVID-19 – Larger Remote Workforce with Cybersecurity Built into the Culture
“A recent Gartner survey of over 300 CFO’s found that 74% of respondents say they expect to move previously on-site employees to remote post-COVID-19. As such, a large remote workforce is forcing companies to re-evaluate how to evolve their corporate culture and invest in capital. Embedding a long-term cybersecurity strategy as part of this evolution to keep workers safe will be critical.
Ultimately, an effective security culture mitigates the risk of a breach as a result of credential theft, phishing and business email compromise (BEC) – and working with employees to protect their privacy addresses a growing issue for many people, 28% of whom have had their identity hacked or stolen. That number increases to 35% when looking at the entire U.S.
However, as businesses are quick to ditch their office spaces, they will need to allow employees to have secure remote access to corporate systems as well as implement Zero Trust. Zero Trust is an approach based on the concept of continuous verification and authorization. It ensures that only authenticated users with compliant devices, whether corporate, personal or the public, can connect to authorized applications over any network, whether on-premises or in the cloud. This will help remote workers to engender more confidence that their business and personal data is secure. “
Zero Trust Must be Part of the Future of Work During and Post COVID-19
“The need for Zero Trust security has never been greater, especially due to increased targeted attacks, rapid work from home mandates, and mounting privacy compliance obligations due to COVID-19. As such, enterprise adoption of the Zero Trust security model is growing as mobility and hybrid IT models have placed most workloads beyond the shelter of corporate networks and traditional perimeter defense. This creates significant user access and data concerns.
The 2020 Zero Trust Progress Report by Pulse Secure revealed that nearly a third of cybersecurity professionals have expressed value in applying Zero Trust to address hybrid IT security issues. This report, which surveyed more than 400 cybersecurity decision-makers, found that 72% of organizations plan to assess or implement Zero Trust capabilities in some capacity in 2020 to mitigate growing cyber risk, while nearly half (47%) of cybersecurity professionals lack confidence applying a Zero Trust model to their Secure Access architecture.
With its principle of user, device, and infrastructure verification before granting conditional access based on least privilege, Zero Trust holds the promise of vastly enhanced usability, data protection, and governance and must be part of any security architecture as we navigate the current COVID-19 business landscape.”
Telemedicine and Remote Field Offices are Changing the Needs of Healthcare Professionals
“Healthcare is going the way of other industries with employees being asked to work remotely and post COVID-19, we believe the use of telemedicine and remote field offices will be the new normal in healthcare.
As such, IT teams must provide healthcare workers with mobile devices that are protected, even on expanded Wi-Fi networks or cellular networks as employees are often working outside secure networks, opening their mobile devices to additional threats.
Increasing remote capacity on network protections such as VPNs, extends security to those workers in the field, ensuring that both patient information, as well as other personal information stored on those devices, is safe. By deploying Zero Trust policies, info security teams can also implement fine-tuned user access management to ensure that network capacity is maximized and that workers only have access to the information that’s absolutely necessary.”
About the Author
Mike Riemer is the Global Chief Security Architect for Pulse Secure, where he has worked for the last six years. He has over 37 years of IT and IT Security experience and is a Certified Instructor on Firewall/Virtual Private Networking, Intrusion Detection/Prevention, SSL/VPN and Network Access Control disciplines. He previously spent 25 years with the U.S. Air Force working in Cyber Security and Intelligence.