Cyber Security Hub’s Editor-in-Chief Seth Adler took some time to speak with Mike Riemer, Global Chief Security Architect, Pulse Secure, and Tom Mustac, Senior Director Biomedical Cybersecurity at Mount Sinai Health System, around key lessons and takeaways from the last few months of conducting operations during a global pandemic.
“We weren’t prepared.”
“We never saw this coming.”
These sentiments have undoubtedly been repeated across all verticals and industries as businesses and organizations were hard-pressed to rapidly scale out their footprint, bringing complexity—and in some cases increased risk exposure—as networks were re-architected for securing remote work capabilities.
“One particular customer comes to mind that is a global banking institute that went from 60,000 concurrent sessions of remote workers to 260,000 concurrent sessions for remote workers.”
For many at the C-level, maintaining compliance during this time was paramount. Yet, in the harried push to deploy services off campus and away from the relative safety net of corporate networks, some opted to deploy solutions by checking off compliance “boxes.” That said, over-provisioning, ending up with redundant services, or even overpaying for a solution becomes a potential liability when done without first establishing security policies for these types of product investments.
During a crisis like COVID-19, companies that need to ramp up quickly may be tempted to add new technologies, equipment from new vendors, and new connectivity. Yet, “The biggest lesson…” according to Tom “…is to stick to your guns when it comes to compliance. Now is not the time to try new things, cut corners, or worse, try to fix things later.” One truly needs to understand how new and expanded environments will be impacted when deploying new solutions under such demanding and unknown circumstances.
What’s better than the proverbial knee-jerk reaction is to help educate stakeholders as to what strategies meet business needs, and to ask questions like:
- Are we doing hybrid cloud?
- Are we doing public access?
- Are we doing only credit access?
- What are the requirements for each vector?
Zero Trust: Beyond a Buzz Word
Both an architectural framework and a mindset, Zero Trust is often interpreted differently depending on who you speak with. It is a concept that requires all users to be authenticated, authorized, and continuously validated before being granted access to applications and resources, and to be continually monitored during each session.
Technologies such as MFA (Multi-factor Authentication) and IAM (Identity and Access Management) can help identify and verify users and their devices. DLP (Data Loss Prevention) solutions can further roll up into a Defense in Depth layered approach that combines physical, technical, and administrative controls.
Additionally, adopting Zero Trust principles and policies such as the “Principle of Least Privilege” (PoLP) limits end users to the minimum amount of access they need to carry out their jobs. This helps reduce the pathways open to malware and attackers, and the chances of data exfiltration.
Continuous threat analysis and risk assessment give organizations visibility into user behaviors and heuristics to help inform decisions around network accessibility and security. Solutions that incorporate AI and Machine Learning (ML) enable automation, especially of low-level tasks, and can work in concert with human decision-making to help triage and accelerate incident investigations.
Future-forward Secure Access
As is to be expected, various vertical industries were better equipped to handle the transition to WFH and remote operations. Companies that could quickly pivot were often in industries such as Healthcare that could safely and securely provision users, more than likely due to stringent compliance mandates already in place.
Organizations that had embraced cloud and SaaS offerings tended to fare better, while more traditional businesses such as manufacturing or others that rely on legacy solutions have been somewhat challenged in moving historically physical operations online.
Wherever a company is in its digital transformation efforts, future-forward strategies should help drive decision-making. These tactics include identifying secure access solutions for what is increasingly becoming “remote first” operations, establishing partnerships with potential vendors that foster candid conversations and open dialogue around what is and is not working, and focusing on outlining security policies and strategies. And remember, sticking to your guns when it comes to compliance means being prepared and ready for what the future holds.
Learn more about Zero Trust in this Digitalisation World article by Pulse Secure’s Chief Marketing Officer (CISSP) Scott Gordon.