Enterprise Security in our New Era of Hybrid Work

In a world where remote and hybrid working models are dissolving the enterprise cybersecurity perimeter, how can businesses protect their digital assets while also enabling the highest levels of usability and performance for employees? What role does zero-trust network access (ZTNA) and Secure Access Service Edge (SASE) play in enabling this new era of work? And what people-focused factors are key to securing the disaggregated networks of the future?

To answer these and many other related questions, Palo Alto and IDG conducted an extensive thought leadership tour across the UK, France, Germany, the Netherlands, Italy, and Spain. Conducted under Chatham House Rule, the keynote addresses, Q&A’s, and panel debates that comprised the tour constitute a valuable snapshot of businesses at a moment of decisive operational change.

The rise of cloud-enabled hybrid working

While the shift to hybrid working was driven by the exigencies of the COVID-19 pandemic, the practice is here to stay. As participants of the France event pointed out, employees increasingly demand flexible working options, making hybrid-working models essential for talent acquisition and retention. 

During the event in Spain, participants explained the rise of hybrid working is to a large extent enabled by increased adoption of cloud applications and infrastructure by enterprises. By using services accessible over the public cloud, organisations can enable their people to work from anywhere there is a reasonably good internet connection. However, this approach brings with it significant cybersecurity concerns.

The threat landscape is growing in complexity

According to attendees at the Netherlands event, the threat landscape is more challenging than ever and changing continually. Although ransomware dominated the headlines 12 months ago, it was barely mentioned at the event; with attendees more concerned by email fraud and distributed denial of service (DDoS) attacks. Regarding the cloud, there’s a split between security professionals who find a distributed perimeter harder to control, and others who believe the greater use of cloud services reduces the threat surface they need to actively manage. As one attendee to the Spanish roundtable put it: “In the cloud there are no precedents or standards. The cloud security playbook is being written now across the industry.” 

Several events on the tour focused on the role of people in the threat landscape, and exactly how much onus should be put on users to protect the devices and connections they use for work. Participants in the UK stressed the need for training and education to make  employees aware of the unique risks that come with home working. The panel in the Netherlands suggested going further still by gamifying elements of training, to regularly refresh employees’ understanding and skillset around cybersecurity hygiene.

Consolidation of security systems is vital

As enterprises look to address the security challenges of working in a cloud and hybrid-centric environment, they are often hamstrung by fragmented security solutions. As attendees at the France event noted, organisations are piling up security layers comprised of point solutions that solve one issue alone, creating a situation where systems often are unable to integrate with each other.

A similar challenge was noted during the Italian roundtable discussion, where it was noted that network security all too often descends into a process of remediating crunch points, rather than strategically addressing security challenges with a holistic solution. In the UK, participants made the point that smart security investments can help solve this challenge. The key is for IT buyers to focus on spending budget to consolidate platforms and remote-working technologies. 

ZTNA is the future

Across all the countries that took part in the Palo Alto tour, one thing was clear: ZTNA is seen as a critical future capability. ZTNA is a category of technologies that provides secure remote access to applications and services based on defined access control policies.

Experts in all six countries believe that while ZTNA will be crucial to securing remote working for enterprises, there needs to be a process of education around the associated technologies and the benefits they can deliver. 

Where participants in each country varied, was in the exact opportunities and challenges around ZTNA. At the German roundtable, for instance, the focus was on how ZTNA can help accelerate IT-OT convergence by strengthening identity-based access control across the two formerly disparate networks. Meanwhile, in the Netherlands the key question was around how to scale ZTNA, with participants stressing the need for effective automation and a high level of security maturity within organisations.

The link between SASE and ZTNA

As outlined by participants in France, SASE is the infrastructure that will allow an organization to implement zero-trust principles at scale. SASE was described here as an “as a service” technology that enables the “convergence of IT security and access network stacks.” Palo Alto’s representatives outlined three key use cases for SASE:

• delivering consistent end-user experiences with better security and visibility
• enabling networking and security infrastructure for the move to the cloud
• eliminating costly branch hardware and network connections with SD-WAN.

In Italy, the discussion centred on how SASE can help enterprises overcome the challenges of technology fragmentation and keep a lid on complexity in distributed networking environments. The takeaway was clear: SASE is fundamentally important to helping enterprises transform their networks for today’s needs and delivers a flexible approach tailored to the unique security and network requirements of individual organisations.

Insights from Spain were similar. While most organisations present did not have a SASE strategy in place, most were considering the technology, citing the need for a holistic security stack during a time of increasing threats. The ability to deliver a good user experience and measure the performance of applications, services, and the devices from which these users connect were also identified as key benefits of the approach.

In the Netherlands, the idea that integrated networking and security stacks drive efficiency gains were flagged as particularly important, given skills shortages in these areas and the need to do more to combat threats with ever-tighter budgets.

Enterprise networking in Europe: change in motion

Overall, the impression from Palo Alto’s tour of Europe is that businesses have largely identified the need to change and that ZTNA and SASE will be key elements of their future networking environments. While most organisations are only starting this journey now, the drivers for change are compelling: enhanced security; greater automation, efficiency, and visibility; a better end-user experience; and lower overheads for the business.

To learn more about Palo Alto’s approach to ZTNA click here. You can also learn more about how SASE can support your network transformation goals here. And if you’d like to speak to a Palo Alto Networks specialist please email Mat Harper mharper@paloaltonetworks.com.