Cyber security for the modern workplace
Author: Tim Miller
Information security protection has come a long way in the last two decades. It started out with organisations designating their internal network as the trusted zone and everything outside their network as the untrusted zone. We used firewalls to restrict access from all untrusted zones into the trusted zone and gave assets within the trusted zone unfettered access to one another. From a workstation perspective, security was once considered good practice when anti-virus software was installed, and remote users had a VPN to connect to the corporate network.
Since that time, the threat landscape has changed, yet our approach to securing a workstation hasn’t. We have continued to add security tools onto workstations to plug the next hole – multi-factor authentication, personal firewalls, host intrusion detection / prevention, encryption, vulnerability scanning agents, data loss prevention (DLP) and endpoint detection and response (EDR) tools. As a result, workstations are slow, complex and difficult to manage. When the purpose of a workstation is to drive a business outcome, there are serious questions as to whether the balance is correct between the cost, user experience and security outcomes.
Today, in the age of offsite data centres, public cloud environments and the need for remote access from any device and any location, a secure environment is much more fluid and harder to manage. However, the maturing of various technology capabilities, a continued focus on cost optimisation, and the COVID-19 working from home requirement has forced a rapid change in approach. Security professionals have both an opportunity (and a challenge) on how to rethink the approach to enabling user and business functions while still providing a secure environment.
In adopting the principles outlined above to drive towards a simplified and more cost-effective secure workstation a number of challenges are likely to be encountered.