The foundation of secure hybrid work lies in Zero Trust

The foundation of secure hybrid work lies in Zero Trust

Kurt Goodall, Troye Technical Director, tells us IT departments must adopt a new security approach to protect a dynamic workforce.

As more and more knowledge workers are opting for hybrid work models due to the increased freedom and flexibility, it presents both benefits and challenges to IT organisations. The research suggests that 57% of workers prefer hybrid work, which not only improves their engagement, productivity and wellbeing but also causes IT security headaches.

Kurt Goodall, Technical Director, Troye

With employees accessing corporate resources from various locations and personal devices, the attack surface has become much broader, making it difficult for IT professionals to defend against security threats. A global survey conducted by Pulse found that three-quarters of IT professionals struggle to keep up with the increased volume of security threats brought about by hybrid work, including ransomware attacks, insider threats, software breaches, vulnerabilities and phishing attacks.

The traditional, network-centric security approach is no longer sufficient in a hybrid work environment where employees are working from different locations and networks that IT can’t secure. This increases the risk of security vulnerabilities, as one session from an unmanaged device infected with malware could put the entire network at risk.

IT must adopt a new security approach to protect a dynamic workforce. Zero Trust Network Access (ZTNA) offers the necessary visibility and control to protect the organisation. ZTNA is based on the principles of the NIST Cybersecurity Framework, which includes explicit and continuous verification, least privileged access and minimising the blast radius.

Think of it as a nightclub security model, where employees must be authenticated and authorised before accessing work-related applications and their behaviour is monitored for potential risks. This allows IT to grant employees the freedom to work from any location using their preferred devices and apps while maintaining corporate security.

IT must also protect the network on the Edge, close to the apps and end-users, rather than relying on the traditional ‘castle and moat’ method. ZTNA solutions prevent lateral movement on a network by continuously evaluating risk factors and applying granular security controls when suspicious activity is detected.

Balancing security and flexibility is certainly a challenge for IT organisations. However, with the right ZTNA solutions, IT can provide employees with hassle-free access to the applications they need to get work done from anywhere, while preserving their experience and applying security policies and controls transparently in the background.

The future of work is hybrid and IT can advance it by embracing ZTNA to simplify security management and empower employees to engage and be productive from anywhere.

Browse our latest issue

Intelligent CISO

View Magazine Archive