Extending security to remote users requires a mixed fabric strategy



Living in an unconstrained digital world is the new normal, with millions of people now working, shopping and socializing remotely from anywhere, on any device. And they expect to be able to do so long after the Covid-19 pandemic is over. According to one study, 96% of remote workers want to continue working remotely full-time or return to a post-pandemic remote / office hybrid work environment. In fact, according to a recent online survey, 29% of working professionals say they would quit their jobs if they had to return to the office.

And it’s not just remote workers who feel this way. According to a survey conducted by Gartner, 80% of corporate leaders plan to allow employees to work remotely at least some of the time after the pandemic. This sentiment was confirmed in a separate PwC survey, with 78% of CEOs reporting that they believe remote collaboration will continue.

This may be good news for most workers, but it has been a nightmare for IT teams. Of course, this trend seemed unavoidable, as the shift to a remote workforce has progressed since the Great Depression of 2008. However, the Covid-19 pandemic accelerated the transition, forcing organizations to transform their networks quickly and radically so that the majority of employees, who once worked inside the network, could connect to important resources from outside the traditional boundaries.

Security lags behind network transformation

However, security has been affected even more than infrastructure. Today, millions of workers who used to work securely behind high-end enterprise-class security systems are connected to corporate networks and cloud applications with just a VPN connection. And cybercriminals have responded quickly. According to a recent global threat report, the top cyber targets since March 2020 are no longer corporate devices and applications, but devices in home networks, which are notorious for being unpatched and unsecured. These include consumer-grade routers and DVRs that are connected to the network. Cybercriminals targeting vulnerable home devices have been able to use them to ride VPN connections back into the corporate network. This has played an important role in the 7-fold increase in ransomware.

As a result, organizations are struggling to find ways to extend better security to remote workers. The challenge is that they need a security solution that works consistently across the various endpoint devices used by remote workers and across the ever-growing network edge, including data centers, branch offices, and cloud-based platforms and services.

The traditional point products that organizations relied on in the past do not provide the visibility, control, and simplified management needed to protect today’s dynamic and highly distributed environments. They are exorbitantly expensive or too complex to deploy to thousands of remote workers. They also add multiple layers of complexity, including deployment, management, enforcement, orchestration, and configuration, that can quickly overwhelm your IT team. In addition, the lack of interoperability between solutions can create security gaps that cyber attackers can exploit.

SASE is a great first step

Instead, organizations are looking to the cloud to provide solutions. The new Secure Access Service Edge (SASE) solution provides a way for organizations to seamlessly connect users, devices, and network edges wherever they are, providing consistent, centralized security. However, SASE alone does not always solve all the challenges facing organizations today.

The first step is to ensure that the security provided by the SASE vendor meets enterprise-grade protection levels. There are many ways to do this. First, check whether your vendor has experience as a security developer. Then check whether the solution is evaluated by a third-party testing organization. And finally, look for independent reviews by real customers, especially those in the same industry or with similar use cases.

Second, it’s essential to realize that few organizations have an end-to-end cloud environment. Because the SASE solution provides protection only to the edge of the network, data and policies must be passed to other security solutions in the network. This is very important because even the slightest difference, such as in how a policy is applied, can create gaps and vulnerabilities that can be exploited.

Connect SASE to the network

There are three things to consider to mitigate the risk in the handoff between cloud-based SASE services and your network.

The first is to ensure that the security solution that protects the destination network (physical, virtual, cloud platform, endpoint device) is the same as that used by the SASE vendor. Creating a common, integrated security fabric ensures seamless protocol handoffs and allows you to track your data where security is needed.

Second, effective SASE solutions need to interoperate seamlessly with network technologies at the edge of the network, such as wireless controllers, switches, and SD-WAN devices. A combined approach that incorporates security and networking into an integrated solution (also known as security-driven networking) maintains the user experience, security, and more, even if a connection is swapped out or becomes unstable. When possible, SASE can be combined with a secure SD-WAN solution to provide advanced connectivity with end-to-end security for an optimal user experience.

Finally, we need an additional layer of security implemented at the network edge. You can implement zero trust and zero trust network access policies to set the appropriate policies for network and application access. The Zero Trust strategy limits users, devices, and applications to only the resources allocated by the policy, and nothing else. In addition, the Zero Trust Network Access Strategy needs to work with SASE solutions to enable users to connect quickly and securely to any application, whether on-premises or in the cloud.

Don’t forget the endpoint device

While using SASE to connect users directly to your application is a great solution, these endpoint devices must also have advanced security such as Endpoint Detection and Response (EDR) installed. That endpoint security also needs to be able to detect and mitigate threats on the device and interoperate as part of a larger enterprise security fabric, regardless of where the user is connecting from, with no additional administrative overhead. In short, the security deployed at the SASE solution and the network edge must also be aware of and function with the endpoint security solution. This integrated fabric-based approach ensures maximum visibility and consistent policy distribution, orchestration, and enforcement throughout the network.

SASE must be part of a unified security strategy

The goal is to replace the traditional fragmented approach with an integrated, holistic solution that combines a cloud-based solution such as SASE with a broader security fabric. Such a strategy enables key functions such as application identification, encrypted traffic inspection, and multipath steering across hybrid connectivity systems, so that security can follow data, workflows, transactions, and applications end to end. In this way, no matter how much your network grows, changes, or evolves, security is always on track.

Learn more about how SASE is the future of security and networking. With SD-WAN, ZTNA, CASB, and NGFW, the Fortinet platform provides complete readiness for adopting SASE.

Copyright © 2021 IDG Communications, Inc.
