George Wilkes, May 13, 2020
Remote Access and COVID-19
What we Learned & How it Changes Everything
The past couple of months have been turbulent and unprecedented. Global economies are tentatively considering how to re-emerge without sacrificing human safety for business prosperity. The immediate and disruptive impacts of COVID-19 will likely be a catalyst for transformation for years to come.
According to 451 Research, before the COVID-19 crisis, 13% of employees worked fully remotely. Now, 65% of businesses have implemented expanded work from home (WFH) policies with more on the way. Additionally, 38% of businesses think those policies will be long-term or permanent.
This overnight digital transformation highlights some positives and areas for improvement. On the positive front we’ve proven that massive WFH models can work. However, you can’t just flip a switch and make it so. This new model requires a network architecture designed to rapidly scale remote access, which is something many organizations weren’t prepared to implement.
Stage One: Triage
In rapid succession organizations mandated WFH, cobbling together a remote access solution with legacy, not-fit-for-purpose VPNs. On March 13, the US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert stating “As organizations use VPNs for telework (work from home initiatives), more vulnerabilities are being found and targeted by malicious cyber actors.”
VPNs have been under fire recently for their inability to protect enterprises in today’s hybrid IT landscape. Their inadequacies are exacerbated during the COVID-19 crisis by poor performance and inefficient scalability. As organizations struggle to keep their workforce productive, cybercriminals are capitalizing on a newly broadened attack surface made possible by dispersed remote workers. According to Security Magazine, coronavirus-related spear phishing attacks increased a whopping 667% in March 2020. Another research report states that remote workers worldwide are falling victim to cyberattacks because they’re being tricked into installing malware made to look like legitimate VPN clients.
As organizations continue to triage the status of their remote access situation, they must plug the immediate security gaps and prepare for the future.
Stage Two: Optimize
IT, Network and Security teams have worked tirelessly to resolve performance, scalability and security issues related to increased pressure on their VPN technology.
“Having every employee work remotely creates bandwidth, scale and licensing issues on hardware-based VPN termination appliances.” (Gartner 2020, Quick Answer: Cost Effectively Scaling Secure Access While Preparing for a Remote Workforce)
One early solution was to ration VPN usage, which created productivity bottlenecks. Even VPN providers, like Cisco, had to limit their staff’s VPN usage to accommodate a mass influx of users hitting their network. Scaling a VPN requires long and expensive hardware deployments along with an increase in bandwidth. Even then, VPN connectivity is temperamental, inconsistent and brutally slow, not to mention riddled with the security issues and flaws CISA warned about.
The unpreparedness of organizations and their network architectures places IT and Security professionals under duress with a mandate to keep the business operational. To name a few reactive measures keeping these teams busy:
- Secure access is hard to achieve with VPNs considering the inherent security flaws and the work required to implement permissions and policies. A strong segmentation strategy is unlikely, leaving the network flat and vulnerable to lateral movement by risky users or threat actors piggybacking off VPN connections. Managing siloed and legacy access solutions across on-prem and cloud further complicates matters.
- Large numbers of users connecting from new locations with their own devices have broken old baselines with new network traffic patterns. Managing alerts, anomalies and threat responses becomes an impossible task. Without a mature strategy to evaluate risk across a wave of new remote devices, network and security teams are left making a binary decision to either permit unbridled network access or remove access entirely, further stifling productivity.
- As previously mentioned, attack surfaces have increased substantially with mass remote workforce initiatives. Visible VPN ports give cybercriminals unimpeded access into an organization’s flat network. InfoSec teams are pressed to educate new remote workers about these risks while identifying successful attacks on their network.
In reality, it’s not possible to optimize VPNs to meet current demands for secure remote access. The future calls for a different approach.
Stage Three: Evolve
Infosec leaders are taking a long, hard look at their future remote access strategy. They must prepare for a “new normal” that combines the health of employees with secure operations and profitability. Just like any major transformation, technology plays a pivotal role. What does this look like for remote workforces and network access?
Cost Optimization and Efficiencies
During this uncertain economic climate, the need to do more with less is paramount. Forward-thinking organizations will see no value investing in legacy technologies like VPN and NAC. Instead, they will seek solutions that provide higher throughput, fewer choke points, multi-cloud and hybrid infrastructure coverage, elastic scalability and integration with other systems. Simplicity and the reduction of operational complexity are essential.
Consistent Café Style Access
Network designs must change to focus on users, identity and the ability to access resources consistently regardless of location or network connection. There are two major benefits here. First, organizations no longer have to account for two policy models (on-network vs. remote access). Second, trusted end-users get what they need to do their jobs, always and without variation in experience.
Heightened Zero Trust Security
A modern network access strategy that incorporates Zero Trust is inherently more secure. By focusing on identity, a fundamental Zero Trust principle, organizations are able to authenticate users and devices more accurately, while enforcing least-privilege access with fine-grained entitlements. In turn, organizations provision trusted access with confidence and significantly reduce the attack surface.
Zero Trust Network Access solutions, like Software-Defined Perimeters, are a perfect fit for organizations striving to evolve and transform network access in the wake of COVID-19. Not only do they offer drastic security improvements, but they also become catalysts for more efficient business operations.
Appgate’s Software-Defined Perimeter (SDP) is actively being adopted by progressive organizations undergoing rapid transformation efforts. In some instances, organizations have been up and running in a matter of days, as discussed in our recent webcast with The Third Floor, titled “Solving WFH in Four Days.” The journey toward a more secure access strategy for remote workers requires:
- Identity-centric authentication and real-time entitlements
- Fine-grained micro-segmentation
- Enterprise-grade throughput and scalability
- Extensive API integration and automation capabilities
- A unified access solution across heterogeneous environments