Network security in the return-to-work era
IT teams are dealing with the challenge of reconnecting devices to office networks as employees return to work. Here's how your organization can overcome that challenge.
Many organizations and employees are returning to the office after nearly 18 months of remote work. Restructuring daily routines and reconvening with colleagues are exciting elements of the return-to-work era. However, there are more safety protocols to consider than just hand sanitizer and masks. As employees return to the office, devices are reconnecting to networks or connecting for the first time, which presents a myriad of security challenges for organizations and their IT teams.
Poor visibility
Similar to other elements of remote work, lines were blurred when it came to security priorities. When employees were in the office, they often took network security for granted. Following the shift to work from home, many employees were unaware that their home networks were not the equivalent of their office network. IT and security teams' responsibilities increased as more user education was needed. Cybersecurity teams were forced to dig through networks to look for threats and issues, as opposed to their traditional role of monitoring logs. Skills -- such as writing filters to look for these anomalies -- are in demand as employees reconnect mobile devices, thumb drives and printers.
MFA will be the new TSA
While security teams are adding another skill set to their wish list, attackers are listening and building a wish list of their own: devices to target when they are reconnected to networks. Due to this shift, identity and verification are likely topping security teams' priority list. Before, security teams were able to follow the computer. Now, it will be harder to validate each device without access to logs on the public network. In major cases, such as SolarWinds, threats were detected because of multifactor authentication (MFA) on compromised credentials. Therefore, MFA will be important to track borderless or zero-trust networks to ensure devices returning to the workplace are not bringing risky baggage with them.
Preparing the cockpit
The allocation of resources and staffing is another key consideration when returning to the office. Senior security staff will be heavily relied on, creating ripple effects across the team which might overwhelm junior staffers and potentially create technical debt. It will be important for these understaffed security teams to focus on context switching and moving tasks around to more senior employees. Training junior staff, while implementing new products and evaluating policies, will create major resource constraints -- a concept all too familiar to those within the security community.
There are financial implications to overloading senior staff and taking extra time to train new or junior staff: overworking, lower productivity, burnout and the need for more time off. Additionally, if attacks are publicly disclosed, questions around the effectiveness of security strategies -- and salaries -- increase. It creates a Catch-22 where successful attacks produce questions around the need for more tools, while simultaneously creating the need for more resources to implement, maintain and monitor networks.
Zero trust: Preparing for takeoff
Although there were challenges, the shift to remote work proved organizations can adopt change more quickly. Organizations are now more aware of the security initiatives they need to prioritize. With remote employees at the mercy of their home networks, organizations saw the benefits of cloud services or even a policy of context-aware access. As a result, teams were forced to validate and secure devices and networks. If distributed workforces were the jet fuel for cloud adoption, hybrid and returning employees are the boarding passes for organizations adopting a zero-trust model.
What's on the security horizon
As much as employees are looking forward to reigniting personal connections in the office, security teams are looking for the newest and most efficient ways to protect network reconnections. The pandemic has fostered innovation. Now, it is up to the industry to act. As businesses map out their reopening plans, leaders will need to take device and network security into greater consideration than ever before. With ransomware attacks surging and threat actors lurking, businesses that survived the pandemic will need to ensure they can now survive the risks associated with returning to the office. The world has navigated some of the toughest challenges in modern history, and that same resilience will help teams navigate security challenges that come with digital transformation.
About the author
Jonathan Meyers is the head of IT and principal infrastructure engineer at Cybrary. He designs, maintains and secures all corporate infrastructure, including a security enablement platform supporting more than 200 companies and 2.5 million users worldwide. He previously worked as senior DevOps and senior operations engineer at Forcepoint (formerly RedOwl Analytics), where he oversaw the operations and deployment of its hosted and on-premises user and entity behavior analytics e-surveillance product. Meyers holds an information technology degree from the U.S. Military Academy at West Point.