By Michael Oldham
2020 was the year of the “New Normal.” But what happens after the New Normal is over? What happens in the “Next Normal?”
How will your IT organization prepare for the risks and uncertainty of the fluid world we will all swim in as this pandemic subsides?
Many people plan – or prefer – to continue to work from home, even after the pandemic. Whether it’s increased productivity, adapting to reality, or just trying to keep their employees happy, 72% of companies plan to shift at least some portion of their staff to permanently work from home.
But there’s a dark side to this dynamic digital dichotomy. As organizations struggle to determine which working model is best for their Next Normal, cybercriminals are not sitting idly by waiting for them to figure it out. Hackers will continue to launch their unrelenting attacks on your increasingly vulnerable perimeterless world. And that’s why more organizations than ever before are implementing a Zero Trust approach to access control.
2020’s Bitter Medicine
We got a sour taste of the hackers’ bitter medicine in 2020, when the number of malware attacks increased 358% and the number of ransomware attacks jumped 435% – both mostly attributed to opportunities generated by the quick migration to a remote workforce without strong access controls in place. The estimated cost of ransomware attacks in 2020 was $20 billion (a figure generally accepted to be underreported).
The medicine tasted even worse when it came to phishing and data breaches. According to the FBI’s Internet Crime Complaint Center’s 2020 Internet Crime Report, there were 241,000 reported phishing, vishing, smishing and pharming attempts in 2020. Data breaches, most frequently achieved through compromised credentials, resulted in $128.9 billion in reported losses in 2020. Throw in $1.866 billion in reported losses due to business email compromise, and the security side of the pandemic has been extremely painful to the bottom line.
All those numbers are bound to go up in the chaos of getting to the Next Normal, as organizations determine what work model will work best for them – IF they don’t rethink how they provide remote access. The reason those numbers will continue to go up is that many organizations still rely on vulnerable technologies that connect directly to an organization’s network – allowing anyone who can take advantage of those vulnerabilities or use valid credentials to attack multiple resources once inside the infrastructure. VPNs and other remote access technologies just weren’t designed for today’s security challenges.
In the Next Normal, everyone agrees we’re going to see a lot more remote work than before. But not every organization is going to be totally committed to going fully remote. I would venture that many may jump into the remote work pool at first, but then revert to requiring employees to work in the office depending on their production, the nature of their jobs, and especially the increased risk to access to each organization’s resources.
Whether organizations decide a remote or on-site workforce is best for them or they take a hybrid approach as many organizations plan to do, the reality is our digital ecosystem has seismically – and permanently – shifted.
In my mind, this is good news for the IT world. If the pandemic showed us anything, it demonstrated how amazingly flexible, resilient, and responsive our infrastructure is, even with some of its most glaring security flaws exposed.
The Dark Side of Digital Transformation
The global lockdown accelerated organization’s digital transformation programs by months and even years, according to KPMG. For instance, at the beginning of 2020 KPMG said “67% of U.S. CEOs expressed concerns about migrating all of their business to the cloud. The pandemic, by forcing everybody to embrace digital technologies, has largely erased previous hesitation.”
But while the hesitation has evaporated, don’t fool yourself: a certain amount of chaos will continue. The warts in providing secure remote access have been exposed for all to see during the test run of the pandemic year, as the numbers above show. Many organizations discovered, much to their chagrin, that providing secure access to critical resources and applications within their infrastructure – local and cloud – was not as robust as they thought.
This is not to call those organizations out. They did as well as they could with what they had at the time. Unfortunately, what they had was not designed for a world where an end user might access those resources from insecure devices and untrusted locations – if in fact that person is even a true end user, given how frequently user credentials are compromised today. Then, without segmentation, an intruder who gained access could direct almost any kind of attack against an organization’s resources, both local and cloud.
In a world where hackers are adept at stealing user credentials through phishing, brute force and dictionary attacks, that’s a recipe for launching a ransomware strike right there – a strike to the heart of your infrastructure using your own credentials against you.
Every resource, every port, every cloud application you open to access is an attack point. Each surface you open to the Internet for remote access generates exponentially more risk. VPNs, now used more than ever, leave you open to being attacked via vulnerabilities in the products – or more commonly, with your own credentials.
The stark reality is your employees, business partners and solution vendors who all have some level of access to your network are more reachable through the Internet in their homes than they were when they were locked behind firewalls in their offices –and it’s easier than ever today for hackers to steal their valid credentials and use them against you.
Once hackers get into your infrastructure, they can then pivot and attack any resources, either local or cloud, available through that infrastructure, as well as other end users who may be on that network. And that’s why you see hackers continue to be successful in shutting down organizations with ransomware, exfiltrating data, or just causing colossally expensive problems across today’s enterprise infrastructure in general.
Crossing the Bridge to the Next Normal
The pandemic illustrated in sharp relief the different ways you can offer access to your information – which from a business perspective is definitely desirable, but which from a security perspective can just as definitively be a nightmare. The challenge is in how to reconcile two such disparate goals that often seem diametrically at odds with each other.
Many leading enterprise organizations around the world today take a Zero Trust Access approach to bridge that gap between their business and security needs. For instance, organizations use Total Access Control (TAC), a Zero Trust solution from PortSys, to significantly reduce the attack surface by bringing central control over all their resources, whether they are local, cloud or web-based applications.
All user requests go through TAC before access is granted to any resources. TAC seamlessly examines the users’ full context of access – including checking their security disposition, validating their devices, using multiple-factors of authentication, and examining any user’s current status against security policies for each resource to determine which resources should be available under those specific circumstances. Then, only those specific resources are made available to the authenticated users – and they are not given general access to the entire network.
This means users are captive within the applications they are authorized to access and nothing else. This also provides the crucial segmentation necessary to minimize any lateral movement within an organization should there be any sort of breach.
TAC helps organizations close many of the Internet-facing ports they previously used for access. And with TAC, all traffic is encrypted – even if the original applications didn’t use encryption itself, which is common with many legacy applications.
Zero Trust Access – Designed for Digital Transformation
By creating this level of segmentation of resources, by closing the ports organizations have to the outside world, and by reducing the fronts they have to defend, an access-based Zero Trust approach makes security much stronger across the board – while at the same time making it much simpler for end users to do their jobs. And that’s really what we need to get to the Next Normal: to be able to adapt to the ever-changing digital transformation taking place across your infrastructure, regardless of disruptions to the business world.
This will not be the last business interruption you face in your career. Healthcare experts predict there are other pandemics to come. There will also continue to be the disruptions from other natural disasters that already happen on a regular basis today – hurricanes, blizzards, heat waves, tornadoes, floods, droughts, just to name a few.
Regardless of what your Next Normal is, you can adapt whenever these business disruptions arise – whether it is managing a pandemic, business continuity during a natural disaster, or just trying to achieve digital transformation – without compromising the security of your organizations.
Building a Zero Trust Access infrastructure will get you to that Next Normal – simpler, stronger and with a more unified IT security infrastructure to help grow your business.