- 24 February 2021 |
IT teams have always had the demanding job of ensuring business networks are secure, when taking into consideration the spiralling costs and complex infrastructure. But the move to hybrid working has made it even harder.
A recent report from Harvey Nash found that 40% of IT leaders said their companies had experienced a noticeable increase in cyber attacks with employees working remotely. This is backed-up by a 2020 survey from PwC that suggests there has been a 600% increase in cyber attacks on home workers since the start of the pandemic.
Prior to the pandemic, most Security Operations Centres (SOCs) were just about coping with increasingly sophisticated cyber threats. Security was heavily focused on protecting the office network and its primarily static workstations, with maybe a small contingent of remote workers. This environment was easier to safeguard than what we have today - a heavily distributed workforce using their home networks and the equally distributed set of vulnerabilities that this creates.
The main challenge this presents is finding the right level of cyber security expertise and this is where there is now a significant gap. We are in fact facing a dire skills shortage. A recent Cybersecurity Workforce Study conducted by (ISC)2 reports a shortage of 4.07 million cybersecurity professionals around the world. The study also claims the cyber workforce needs to grow by 145% globally to keep up with demand.
The industry is evolving rapidly to support the fight. Software and automation tools are being rolled out to combat the cyber security problem, but the real issue is still the dearth of skilled cyber security experts needed to operate them.
Connectivity-as-a-Service (CaaS) is an industry model that takes things a step further to help bridge the skills gap. Cyber security experts are 'baked-in' to the service, which is consumed just like a utility - giving organisations the extra level of security required, without the need to find and recruit people internally. Rather than build, it means you can buy enhanced security capabilities through a subscription model, reducing the need for large capital outlays on new infrastructure and security software.
For a full breakdown of how Connectivity-as-a-Service works you can check out our last blog. However, in the remainder of this post, we’ll look at three ways CaaS specifically addresses the increased network vulnerabilities posed by a hybrid workforce:
With Connectivity-as-a-Service, employees working from home will have separate circuits and a corporate router designed. These work in the same way as the normal WiFi router, and enables users to connect to the secure business network without VPNs.
Any additional implementation or connection complexity is removed, and users can connect any of their devices to the corporate network automatically when they are at home. This simplicity, security and reliability replicates the in-office network connectivity for remote workers.
In a 2020 survey, 52% of CISOs said their work mobile devices have become very challenging to protect from cyber-threats. With a significant amount of work being done on mobile devices, it’s paramount their connection is secure.
For increased mobile network security, Connectivity-as-a-Service leverages corporate-grade SIM cards, meaning 4G and 5G enabled routers can provide reliable and secure business connectivity to mobile devices.
These can be deployed in routers, so that devices which cannot install SIM cards can still connect to the secure 4G and 5G connection. Alternatively, they can go directly into smartphones, tablets and MiFi devices.
These combine with private Access Point Names (APNs) to provide connectivity without the need for VPNs. Employees have instant access to their secure business connection via their mobiles, either at home or when working in a remote location.
Connectivity-as-a-Service utilises split-tunnelling, which divides traffic between public and private connections. This ensures that sensitive work-related data and applications are always accessed through the secure, corporate option.
On the flip side to this, it means that employees don’t use their business connection for personal use, as all of their non-business traffic is directed straight through their normal public internet.
When businesses made the shift to remote working in early 2020, security was often temporarily relaxed by IT teams to allow end-users to continue operating. A survey from Netwrix last year found that 85% of CISOs had sacrificed cybersecurity to quickly enable remote workers.
Cyber criminals tried to leverage the situation and exploit these vulnerabilities, which is why we saw such a sharp rise in attacks. With remote working set to become the new working normal, alongside a mix of in-office working, network security needs to be carefully planned for the long-term.
By utilising Connectivity-as-a-Service, you put in place a best practice approach to network security management, while also reducing the cost of ownership compared with an in-house approach.
6 September: Convergence Group, the telecoms provider for businesses, health authorit...
Thursday 1st July: Convergence Group, the telecoms provider for businesses, health au...