The Security Challenges Businesses Have Faced During Remote Work
When the pandemic began, businesses had to get employees up and running incredibly quickly. Because of the speed needed, many organizations turned to familiar technology, like VPNs, to connect workers.
But few, if any, had the infrastructure in place to support a fully remote workforce in that way, and the result was new gaps in security.
“We started seeing security vulnerabilities and threats go through the roof, across the board,” said Nagaraju. “If you look at just malware or ransomware, our own VMware Carbon Black Tech research group saw ransomware attacks go up 150 percent. Other third-party reliable sources have put phishing attacks up 600 percent, just over the three to four months into the pandemic.”
The use of new devices made it more difficult for organizations to see who was connecting to their networks.
“We are living in an environment where employers or enterprises are flying blind here,” said Nagaraju. “They don't have much visibility into what endpoints are getting into their enterprises. They don't understand what kind of applications are being accessed, on which network and from where.”
How Businesses Can Adjust to New Security Concerns
Now that enterprises are adapting, Nagaraju said that they’re looking for better quality service along with workspace security, something that requires integration within solutions.
“It is a whole category of products that we are building out by pulling together the best-of-breed management software with VMware's Workspace ONE for managing all your endpoints, and combining that with the best-of-breed, next-generation, cloud-native endpoint security solutions coming from Carbon Black,” he said. “So you now have one platform, one console, to manage and secure all of your physical endpoints.”
It comes down to three buckets of protection, Nagaraju said: prevention, visibility, and detection and response.
“This tight integration, we believe, is completely going to change the game in the way you manage and secure your endpoints,” he said.
The sheer number of users connecting to the network also makes it more important than ever to implement zero-trust security principles. That starts with access management.
“The enterprises need to put solutions in place to ensure that the person is legit, that the username and password that you're seeing is accurate,” said Nagaraju. “You need to have technologies around multifactor authentication. You need to look into their behavior anomalies and then allow or restrict access.”
Taking these steps can protect operations, information and devices at a time when many organizations are in a state of flux.
“This is about ensuring end-to-end security,” Nagaraju said. “To make sure that the access pathway, from the user to the crown jewels, your data and applications, is completely secure.”