In the 2011 movie “Moneyball,” Oakland Athletics General Manager Billy Beane (played by Brad Pitt) faces the dilemma of putting together a winning baseball team without going over budget. Beane ends up bringing in a Yale economics graduate who uses sabermetrics – which involves analyzing in-game activity statistics – to choose the best players.
This doesn’t go over well with the team’s head scout, who confronts Beane and tells him, “You don’t put a team together with a computer, Billy.” He then asks if Beane’s going to discount what scouts have been doing for 150 years.
In response, Beane declares, “Adapt or die.”
Although there are a few differences between cybersecurity and baseball, that advice also applies to CISOs and business leaders in general as we begin the new year. Before the pandemic dramatically altered how we live and work in 2020, digital transformation initiatives and the adoption of new technologies like zero-trust network architecture with a Secure Access Service Edge (SASE) weren’t top priorities for many organizations. Rather, corporate leaders saw them as long-term targets that could be put off until the somewhat distant future.
However, COVID-19 accelerated everyone’s acceptance of an increasingly digital existence. Now that we’ve all adjusted to a more virtual reality, businesses everywhere must welcome the new or risk going out with the old.
The New Reality of Normalized Remote Work
Previously, working from home even part-time was considered a perk rather than a standard arrangement for those with office jobs. However, all of that changed with the emergence of COVID-19. At the beginning of the outbreak, many companies sent their staff members home to prevent the spread of the novel coronavirus. Now that they’ve had a taste of that flexibility, a lot of employees will be reluctant to return to the office full-time.
Almost two-thirds of U.S. employees who’ve been logging in remotely during the pandemic say they want to continue fulfilling their professional obligations from home, according to Gallup. Many company leaders have expressed a willingness to grant that wish, with 82 percent saying they intend to let their teams work remote some of the time in one Gartner survey.
That means that organizations that require full-time on-site work will likely soon be outnumbered by companies that offer more flexible arrangements, and skilled professionals will flock to the latter. If your business doesn’t embrace remote work, you’ll find yourself at a disadvantage when it comes to attracting top talent.
As a result, establishing a reliable and secure remote work strategy is no longer a luxury if you want to stay competitive and relevant going forward. If you haven’t already, it’s time to identify the resources you need to enable your team to work from home while maintaining the highest possible level of cybersecurity.
How Zero-Trust With SASE Positions Businesses for Success
Embracing remote work also means complicating cybersecurity, necessitating new policies and solutions to safeguard the devices and other infrastructure your staff members leverage to get their jobs done from home. In April of last year, as many businesses first transitioned to work-from-home arrangements, the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint alert warning that this change created new points of vulnerability that cybercriminals could potentially exploit to gain access to corporate networks.
Some companies tried to address the issue with Virtual Private Networks (VPNs), but that remote access technology has its own weak spots. The DHS CISA has also cautioned that failing to regularly update and patch VPNs and not implementing multi-factor authentication (MFA) for remote access accounts could lead to data breaches. On top of that, you can run into issues if your VPN supplier isn’t vigilant about security. For example, last summer news broke that some free VPN platforms left their servers open and potentially exposed millions of end users’ data, according to the vpnMentor blog entry “Report: No-Log VPNs Exposed Users’ Logs and Personal Details for All to See.”
Subsequently, zero-trust networks have emerged as the best option for businesses seeking to empower distributed teams. This architecture involves requiring verification before anyone is permitted to access any resources in your network. With granular perimeter enforcement and micro-segmentation based on end user characteristics like role and location, a zero-trust network only gives end users the green light for apps and data they need to do their jobs, according to Palo Alto Networks.
We offer a zero-trust architecture with a SASE with our Office Anywhere solution, which we designed specifically for clients that want a remote work strategy that balances accessibility with security. It minimizes their data breach risk while also providing a unified end user experience with the following features:
- A single and secure identity for each end user, based on unique device characteristics, MFA and other app classifications
- Option to log in from any device, thanks to the single identity
- Unlimited scalability, since the solution involves a software-defined edge and doesn’t rely on hardware, location or trusted networks
Ultimately, this type of approach is essential if your goal is to keep your data as safe as possible without hindering remote workers’ productivity.
Just like the scouts in “Moneyball” who objected to Beane’s novel data-driven approach, security leaders and business execs clinging to the old ways of doing things will inevitably find themselves outpaced by people willing to break with tradition. Still, it isn’t too late to welcome change and be part of the winning team.
If you’d like to learn more about what zero-trust network architecture with SASE and other next-gen cybersecurity solutions can do for your business, we’d be happy to help. Just give us a call at 877-599-3999 or email firstname.lastname@example.org.