Many organizations had big plans going into 2020. Digital transformation initiatives, including the adoption of cloud infrastructure and zero trust security, have garnered widespread interest in recent years, and enterprises were actively pursuing three-and five-year plans in the first few months of 2020.
However, the COVID-19 pandemic upended these strategies. Within a matter of weeks, organizations moved from planning for future growth to fighting to just maintain normal operations. With the uncertainty created by the pandemic, innovation budgets were frozen, and organizations reallocated resources to ensuring that they could continue to operate through the pandemic.
Now as organizations begin to return more employees to the office, they need to navigate continued network security challenges while reengaging their transformation plans to move forward and emerge from the pandemic. Fortunately, there are measures they can take to help fortify themselves from future threats and to harness and evolve with changing technologies.
Key Measures to Protect Network Security
Invest in Business Continuity
The pandemic forced a sudden transition to a mostly or wholly remote workforce for most organizations. Few companies had the infrastructure to support such a model, so IT budgets were focused on filling the gaps and allowing daily business to continue.
The growing need to securely manage multiple types of user devices, applications, storage systems and networks is a concern organizations may have. However, consolidating the number of tools they use can help curve that concern. The increase of identities stored across multiple applications and platforms leads to increased vulnerabilities, as well as additional IT costs. Organizations should consider ways to consolidate these solutions by migrating to a platform that can be managed from a single pane of glass.
Prioritize Network Access Control
Organizations not only face growing attacks from the outside, but the risk of insider threats have also increased exorbitantly during the pandemic, whether intentional or accidental. This trend has also been on the rise for years, with insider-caused cybersecurity incidents increasing by 47 percent since 2018, according to the Ponemon Institute.
The increased adoption of cloud-based infrastructure during COVID-19 had significant security implications. Security misconfigurations are common in the cloud, and employees unfamiliar with new solutions and infrastructure are more likely to make mistakes. This creates network security gaps that expose organizations’ systems and data vulnerable to attackers.
The rush to switch to a remote workforce also meant that certain cybersecurity protections were overlooked. To avoid these types of network security breaches, organizations should focus on identity access management (IAM) to implement stricter control practices. This minimizes insider threats by ensuring that authorized users are only granted essential access within the network. Organizations should place strict guardrails on authorized personnel accounts based on their specific job functions to limit access to broader systems and overall network threats.
Implement Authentication Solutions
The work-from-anywhere transition also created new password management challenges for employees. Juggling multiple passwords can be difficult and people often reuse passwords across personal and work accounts. However, to help employees mitigate password risks, network administrators should leverage authentication solutions like single sign-on (SSO), multi-factor authentication (MFA), and virtual private networks (VPNs). Exploring password-less solutions and Zero-Trust architecture will further support next-generation secure solutions.
Implementing these types of solutions can help protect against compromised passwords and even streamline identity management by offering an additional layer of network security.
As remote or hybrid work continues to be commonplace, organizations need to invest in their infrastructure to effectively support and secure it. Temporary remote work infrastructure does not meet the long-term needs of a permanent telework program. As a result, the pandemic and other 2020 events (including a series of high-impact supply chain attacks) created new focuses on business continuity and third-party risk management for corporate digital transformation initiatives.
The COVID-19 pandemic created a “big pause” in corporate digital transformation as companies focused on maintaining business as usual rather than building for the future. As a semblance of normality returns, expect a surge in digital transformation efforts as organizations work to make up for lost time.