Jawahar SivasankaranJanuary 18, 2022
What’s Ahead for Cloud Security and Hybrid Work in 2022?
The hybrid workforce is here to stay. Organizations are shifting to more mature, dynamic solutions like Zero Trust Network Access to bolster their cyber defenses.
The ability to work from anywhere isn’t new. But the global pandemic has made it a widespread standard and has fundamentally changed the way organizations manage hybrid workplace security. Even when the pandemic is finally in our rearview mirror, it is likely that the shift to hybrid workforces will be a permanent one. This exponential increase in remote users plus an ongoing shift toward hybrid and multi-cloud environments is a recipe for very complex security challenges, including:
- Use of outdated network security tools: Tools with “default allow access,” like VPNs or network access control (NAC) solutions, are too risky
- Legacy workloads: Not everything can migrate to the cloud all at once; legacy infrastructure also requires modern secure access
- Compromised devices: Nearly half of organizations cite an increase of personal devices being used for work, and 82% say they enable BYOD to some extent. It is very difficult to manage this proliferation, and if a compromised device accesses the network, an internal vector attack is much more likely
- Third-party access: Traditional network security tools, like VPNs, give third parties all-or-nothing access, making them an easy target for bad actors or making it too complex to manage access control rules.
- Cloud access: Secure access permissions are often broad and static, due to the challenge involved in managing fine-grain policies across dynamic hybrid and multi-cloud environments
Against this backdrop, what will 2022 bring to bear? Here are a few predictions:
- Forward-thinking organizations will continue to shift from traditional network security tools like VPNs to more modern Zero Trust Network Access (ZTNA) solutions, which provide secure access with simple, fast, secure user connections from anywhere to apps in the cloud, on-premises or on legacy systems. Indeed, Gartner predicts that by 2024, at least 40% of all remote access usage will predominantly go through ZTNA, up from less than 5% at the end of 2020. There will be broader adoption of ZTNA beyond the network to include cloud assets such as containers, workloads and microservices
- As hybrid/multi-cloud environments become more complex, organizations will seek one network secure access platform that allows them to dynamically secure workloads and people– even as new instances spin up and spin down—with a single policy framework
- Organizations will embrace Zero Trust tools that incorporate single-packet authorization (SPA), which only allows access to specific users with specific permissions at a point in time. In contrast to a VPN, which makes the entire network visible if an attacker gains entry, SPA makes all network resources invisible beyond what a user is authorized to use. So, if an attacker finds a way in through a vulnerability or a phishing scheme, they won’t get very far because SPA prevents lateral movement
- More organizations will start to adopt modern cloud-driven, automated development methods to accelerate development cycles (DevOps). Network and security controls must work in parallel, and more organizations will shift toward a DevSecOps approach to apply security at every stage of the development and deployment cycle
- Channel organizations will increasingly embrace Zero Trust to provide differentiated solutions, helping their customers accelerate digital transformation, streamline remote access and facilitate cloud migration
In conclusion, 2022 will be the year that many organizations ditch their VPNs for good and move to more mature, dynamic and easy solutions like ZTNA, embrace Zero Trust frameworks for cloud security, which will help them accelerate modernization and bolster their cyber defenses, while providing their users with seamless, secure access where and when they need it.
Blog: Zero Trust Security for the Cloud
Solution Brief: Securing the Hybrid Enterprise
Blog: VPN Alternatives
Appgate SDP Overview