Cost Optimization:
Making the Most of Mobility in a WFH World

By Tim Boivin

Most enterprise security teams in the past managed mobile access to their hybrid network resources for around 20% to 30% of their employees, scattered across a dozen or so offices.

Not anymore. Not after this pandemic.

In Dark Reading’s 2020 Strategic Security Survey, 70% of respondents expect the Covid-19 crisis to “necessitate substantial changes in their IT and security environment over the next year.” IT organizations today are being tasked with cost-effectively managing more mobile assets and access to resources required for the work-from-home (WFH) environment than ever before.

And not just until the pandemic is over, but for long after the pandemic runs its course.

With an expected permanent shift for many employees to a WFH environment, those same security teams are now tasked with managing more users and devices – corporate or personal, desktop or tablet or mobile – than ever before.

Not a recipe for success.

Piling on the Mobile Costs

Many are now coming to the sad realization that this exponential increase in remote access is going to cost their organization a lot of money. That’s because today too many companies have too many solutions to manage access, and their legacy infrastructures were not designed for this.

That’s why the hackers get in. It’s too much for most organizations to properly manage and keep secure.

All these products cost money. Maintenance for each solution costs money. Help desk support costs money. The expertise needed to properly manage each solution costs money.

Some organizations have even gone the uber-expensive route of purchasing thousands of corporate and mobile devices for employees to use while working remotely. Others take the even riskier route of allowing employees to use their personal mobile devices – with little or no codified security measures – to access business-critical resources and applications in their infrastructure.

As you can see, these costs quickly pile up. So do the threats that come knocking at your door, which become even more expensive if a hacker successfully penetrates your attack surface. From there, the attacker can lock down your network with ransomware, steal data or quickly pivot and infect your other resources with damaging and even more costly malware.

Such a rapid – and unplanned – acceleration of digital transformation to meet the needs of WFH workers requires stronger security, yet many organizations are going in the wrong direction. They still rely on legacy solutions, such as mobile device management (MDM) or VPNs, that only deal with one sliver of an organization’s security challenges and may expose it to more risk unintentionally.

What about everything else?

The Tail Wagging the Dog

The more solutions you have for controlling access in your environment, the more at risk you are, and the more it will cost you every day. In order to ensure business continuity in such a decentralized environment, consolidating and securing access for all types of devices to all your applications and resources not only is mission-critical, but is also cost-efficient.

This isn’t a new development. Managing access for mobile devices was already a costly proposition, even before the pandemic. That’s because the wildly unrelenting and transformative growth of the internet provided waves and waves of golden opportunities for hackers to breach your perimeter through mobile devices.

MDM is a prime example of why a tail-wagging-the-dog approach doesn’t work for IT security. As mobile device use became increasingly ubiquitous around the business world, securing those devices presented unique challenges to organizations.

So, what did the industry do? It released a barrage of new MDM products, supposedly so organizations could incorporate access for all those mobile devices into their networks in a more secure manner.

It didn’t work.

IT departments added these new autonomous MDM products – many of which couldn’t communicate with other applications – to an avalanche of other products: cloud security, application security, firewalls, multi-factor authentication, Single Sign-On (SSO) and so on. That added one frustrating layer of complexity on top of another, and another, and another… across their infrastructure.

To make matters worse, these MDM solutions were only concerned with mobile devices; they weren’t designed for desktops, laptops and corporate devices within an organization. Even though they are just a small element of the corporate infrastructure, they still must be integrated with, or circumvent, other costly point solutions: Firewalls, VPNs, SSL/VPNs, IDS/IPS, Anti-Virus, Anti-Spyware and Application Firewalls, to name just a few.

That’s a truly frightening and expensive proposition which in the end makes your organization much less secure.

That is why Zero Trust Access (ZTA) is so important.

More Mobility for Less

In today’s remote access world, it is business-critical to have an integrated ZTA solution to query and validate the mobile device, the user, the location and more. You should be able to leverage this information in concert with a granular policy engine to specifically determine – by user, by device, and by application – what should be accessible under dynamically shifting circumstances.

Today’s MDM solutions, on the other hand, are designed at a more macro level to unilaterally either allow or block access, while remaining blissfully unaware of the granular requirements desired for today’s security infrastructures. This type of top-level “allow-or-deny” approach is simply not good enough, and we see evidence of this every day with the announcement of new breaches.

More than this, a legacy Access Control system should not be required to proactively manage all devices – a cumbersome and expensive assignment all by itself. Rather, it should be able to make an intelligent query dynamically, as access is requested, and determine whether that combination of user, device and context of access meets the security requirements for accessing each protected resource.

It should also be able to control access to resources regardless of where they reside – be it in the local datacenter or in the cloud – all through a single solution.

With a ZTA solution such as Total Access Control (TAC), your organization will gain much stronger control over your resources regardless of the type of device that your users, contractors and business partners may have in their possession. And you will do it at a much lower cost overall.

Meanwhile, you will increase flexibility while simultaneously maintaining a higher level of security for your organization. And you can do all that without painfully suffering through the costly complexity issues presented by the myriad of legacy solutions most organizations use today.

But what about improving cost-optimization when it comes to the end users as well? It all comes down to productivity.

TAC is easier for end users, meaning fewer calls to the help desk. With TAC, mobile users don’t have different ways to get access to their work resources, cloud or local. They are all available in one place. Once authenticated, TAC’s secure Single Sign-On (SSO) provides access to the resources the mobile users are authorized to access…and nothing more. Mobile users don’t have to remember multiple passwords for various applications and resources – just log in to TAC and it does the authenticating of the user, the device, the location, the full context of access.

And since SSO is consolidated along with many other technologies within TAC that traditionally have been purchased separately as point solutions, your organization doesn’t have to spend valuable time and money integrating all those separate solutions. The robust security your organization achieves also helps to significantly reduce the substantial costs associated with breaches, malware and ransomware.

TAC improves productivity, enhances mobility and provides a unified access experience that secures access to all your corporate resources regardless of where they reside, local or cloud. This ZTA solution scales to manage access for hundreds of thousands of users using mobile devices such as smartphones, tablets, laptops, desktops, and other devices – all while offering essential control over all access to resources, local and cloud, in one central solution.

Do more for much less with TAC.
