The numbers are in, and the conclusion is clear: Employees want flexible work environments. Gallup notes that just 20 percent of employees work entirely in the office, and 60 percent of remote workers say they would look for other jobs if they could no longer work from home.
And while it’s taken time, employers are also on board. Long-term, they’re looking to create remote-capable workforces that include 55 percent hybrid, 22 percent fully remote and 23 percent fully onsite staff, according to Gallup.
Employee preferences and C-suite acceptance, however, aren’t the only factors in creating a sustainable digital work environment. To ensure staff can access the resources they need without putting data at risk, companies need secure access policies that can effectively scale to meet demand. Given that the move to remote work drove a 238 percent rise in cyberattacks, creating a secure access strategy is critical for success. It starts with zero trust.
Glen Freudenthal, a sales engineer with Fortinet, notes that companies are well aware of the security challenges that digital work presents. “Organizations choosing to implement either a hybrid or fully work-from-anywhere model are recognizing the need to provide both access to corporate resources and end-user security, but this shift creates a more complex view of security,” he says.
Click the banner below to unlock exclusive security content when you become an Insider.
Why VPNs Are Limited as a Digital-Work Solution
To help solve this security challenge, some companies have turned to virtual private networks, which help obfuscate and encrypt traffic to and from corporate networks. As noted by Freudenthal, however, “the problem with VPNs lies in the fact that they grant systemwide access to remote workers who should not have access to all company resources, let alone access to sensitive data or intellectual property that could have far-reaching consequences if exposed.”
He describes three broad remote user categories, each with specific access needs: general teleworkers, power users and super users.
- General teleworkers need access to email, internet, teleconferencing, limited file sharing and specific applications. They may be frontline service, finance or HR staff.
- Power users have higher-level access to corporate resources and the ability to operate in multiple IT environments. They typically consist of system administrators, IT support technicians and emergency personnel.
- Super users have access to confidential resources. They are generally executive management staff, administrators with privileged access and higher-level support technicians.
Zero In on Risk with ZTNA
Zero-trust network access makes it possible for companies to find a balance between security and accessibility for remote workers. By implementing a “never trust, always verify” approach, businesses can provide access on a per-user basis.
“The primary reason why many businesses should adopt a ZTNA approach to remote access comes down to minimizing risk,” Freudenthal says. “This means identifying and validating all remote users and devices that have a verified security posture.”
EXPLORE: Getting zero trust architecture right for security and governance.
According to Freudenthal, all types of remote users can benefit from ZTNA. “An HR rep may have general needs and have access to health information that needs to be secured and limited,” he says. “Power users may have access to critical systems that could potentially bring down the entire network. Super users have access to classified documents such as company earnings, product development and other documents that should be safeguarded.”
Deploying Scalable Zero-Trust Frameworks
While ZTNA offers significant benefits for scalable remote security, Freudenthal notes that “for established, global, advanced networks, deployment will require careful consideration of employee access, devices used and connectivity.”
Freudenthal says that to help companies achieve ZTNA at scale, Fortinet takes a holistic approach, one that considers how to protect and control every access point, device and data. For example, users and devices should be screened both before and after they access any resource, whether the user or device is on-premises or remote.
READ MORE: How zero trust can protect your data as cyberthreats grow.
“Fortinet’s Security Fabric provides a broad view of all things connected to the network; integration with the world’s largest and most complete threat research team, FortiGuard Labs, and with other solutions; as well as automation to detect and stop any malicious attacks,” he says.
Put simply, secure remote access at scale requires ZTNA solutions that balance permission and protection. “Companies need to ensure that security does not get in the way of day-to-day business operations while offering the flexibility to deliver secure access for both on-premises and remote users,” Freudenthal says.
Brought to you by:
