Secure by design IT: changing working practices demand a security re-think
The shift to remote working and increased cloud uptake is a security challenge for IT teams. Is your organisation up to the task?
Zero trust architecture
The shift to remote working and increased cloud uptake is a security challenge for IT teams. Is your organisation up to the task?
You can’t trust anyone these days. At least, not if you want to follow the latest cyber security advice. Keeping your organisation safe means adopting ‘zero trust’ architecture and looking for products and services that are ‘secure by design’. Together, these measures can be foundational principles on which to build a secure operation.
Staying secure is more important now than ever. In our remote working questionnaire, we found that almost half of respondents (48 per cent) said they would like to go into the office from time-to-time but just six per cent said they want to work in the office every day. The workforce is becoming more remote and flexible, which makes it harder to keep the business secure. IT needs to plan for all eventualities.
Zero trust architecture
Furthermore, half of companies in our survey (52 per cent) increased their use of cloud technologies during the pandemic and many are planning to move more workloads to the cloud in future. Almost two-fifths (38 per cent) plan to move to Azure, with 15 per cent going with AWS and 10 per cent looking at private cloud.
The result is a larger potential threat landscape and a network perimeter, once the frontline of cyber security, that essentially disappears. Today, a growing number of organisations are removing the inherent trust from the network, assuming instead that it is hostile. A new boundary is created around applications and any request to the network must be verified for identity, context and policy adherence.
This zero-trust approach is ideal when cloud adoption and remote working are accelerating, and it is also an opportunity to ensure that the company’s applications are secure by design. When security has to compete with other requirements during development, it can easily be overlooked or given a lower priority, which simply stores security problems for later. More developers and service providers are committing to a secure-by-design approach that embeds security throughout the development process.
Creating a seamless experience
A light touch is really important. Users don’t really want to think about IT and, when it’s working well, they shouldn’t notice it. They want a seamless experience that doesn’t require them to constantly log-in and log-out of various systems and always be authenticating themselves. Fortunately, this can be done without compromising security.
For our respondents who said they plan to adopt more Microsoft Azure, the good news is that much of Office 365 is already set up to support a remote-working, secure by design posture. There are a range of security tools, such as Microsoft Endpoint Manager, InTune, compliance tools, Advanced Threat Protection (ATP) for Sharepoint, web filtering and more. These can be used to create a harmonised estate with licenses you are already paying for.
Ekco have experience in delivering security and management best practice alongside Microsoft’s best-in-class tools to provide a light touch and consistent network to manage. For more information, head to our Office 365 Backup page.
The recent changes to working practices can be a source of frustration as IT departments try to keep up, but it’s better to see them as an opportunity to take stock of your security approach and make sure that it is both fit for purpose and does not frustrate users.
Question?
Our specialists have the answer