Electricity and Control April 2021

CYBERSECURITY

Cybersecurity in a work-from-anywhere world

Simeon Tassev, MD and QSA at Galix Group

W ith the Covid-19 pandemic, many businesses restructured their office strategies by locking or reducing their office footprint, others introduced hot desking and some went completely remote. This shift brings with it various challenges in terms of security. Policies and processes must be adapted, and controls need to become software-based to cater to a world where people are empowered to work from anywhere. The Secure Access Service Edge (SASE) is built on a zero-trust approach that requires all connecting devices to meet the criteria as defined by security policies and have the right levels of authentication. This framework offers an effective solution to security challenges faced today and in the future. The edge is growing The traditional approach of boundary protection becomes increasingly cumbersome and ineffective with remote access as the edge grows and boundaries become more amorphous. Environments need to open up to allow for an increased workforce with people who are not necessarily working from within the corporate physical location. A more flexible and scalable approach is needed and, at the same time, security needs to be tighter than ever. To facilitate current and future workforce requirements, enterprises need to ensure that all endpoints and connections are managed with consistent policies regardless of location. The work-from-anywhere business model creates greater edge computing and changes network access needs, as more users, devices and applications become located outside of the corporate enterprise. Locking down the perimeter is no longer effective or even possible and doing so can negatively impact business efficiency. A different approach is essential to facilitate today’s dynamic access requirements. Trust is earned SASE starts from a base of zero trust. This means that, by default, all devices are untrusted. To earn trust and gain access, policies need to be applied and criteriamet, such as various levels of authentication that must be implemented. To do this, agents are loaded onto endpoint devices, which connect with the SASE system and receive the relevant levels of access and permissions to enable connection. It allows businesses to facilitate a remote or hybrid workforce using public infrastructure, while still applying corporate security policies consistently and homogeneously. Using a SASE framework ensures more effective management, as policies and access controls are applied

consistently no matter the device or location. This approach also increases security because it is homogeneous and leaves no room for error with regard to policy implementation. Using this type of network design, enterprises are in a more effective position to manage the complex workforce setup that the ‘new norm’ has created. Ensuring effectiveness The first step in effectively implementing a SASE framework is to understand, from a network architecture perspective, how it will function. An assessment is therefore needed of the applications in place, what is required to access them, and where they need to be accessed from in order for employees to perform their jobs. Businesses need to map what users need to connect to and where. Once this is understood, the relevant controls can be put into place and technology implemented to enforce and police these controls. Furthermore, this updates the permissions required as well as access controls and authentication. The right partner is key Technology is a crucial tool in facilitating a zero-tolerance network approach, as it is impossible to enforce controls otherwise, but choosing the right tool and customising it effectively can prove challenging. The most appropriate technology solution depends on the architecture and specific requirements of an enterprise. The right security partner can ensure that technology, access and strategies are linked to the particular needs of the enterprise and design a solution to suit. Risk mitigation is the key, and an effective partner can help businesses to navigate the unchartered waters of the current environment and position themselves to meet future changes with greater ease.

For more information visit: www.galix.com

Electricity + Control APRIL 2021

31