By Gary Cox, Director of Technology Western Europe at Infoblox
Since emerging from the worst effects of the pandemic, a mix of in-office and remote work has become common practice for many organisations. Initially seen as a temporary way of easing employees back into the workplace after almost two years working from home, it appears that hybrid work is here to stay for the foreseeable future. As of May 2022, almost a quarter of UK employees worked in a hybrid fashion.
However, in an effort to accommodate the needs of their new hybrid workforce, business leaders have inadvertently increased their organisations’ security and compliance risks. This distributed way of working has dramatically increased the attack surface. It’s perhaps little surprise, then, that according to Infoblox’s 2022 UK State of Security Report, the majority of UK businesses experienced up to five security incidents in a year. The advent of the hybrid era means it’s never been more important for businesses to protect their network – or harder to achieve.
Expanded attack surface
Lockdown forced many organisations to leave their physical offices for good, while others adopted hybrid work where most of their employees worked remotely for at least part of the week. Whatever their preference, companies needed to move their applications and data into the cloud and protect them beyond traditional security solutions like firewalls and VPNs.
But employees logging in over their home WiFi networks, and using personal devices for work purposes – or work devices for personal affairs – meant the attack surface was enormous. As a result, businesses experienced a large number of attacks, many of which resulted in downtime, which can cause organisations considerable financial and reputational damage. Indeed, 43 percent of respondents cited breach damages of $1 million.
Hybrid work was found to provide bad actors with a much wider range of entry points into a company’s network, too. Insecure WiFi, for instance, was reported as being the biggest reason for data breaches, followed by insider access through current or former employees or contractors, and employee-owned endpoints, such as mobile devices and laptops.
Trust nothing
Most people today are aware of the perennial threat of cyberattack, but most can do little to protect themselves beyond just changing the password on their home WiFi router. Organisations must therefore take responsibility for security. This requires them to adopt a zero trust approach, which works on the assumption that attackers have already breached the network.
A multi-layered zero trust framework means all parties must undergo authentication checks at every point, as data flows in and out of an organisation’s network. Doing so will enable the organisation to protect everything that’s connected to that network, as well as limiting the damage in the event that an attacker breaches its defences.
Improved security posture
Organisations everywhere, regardless of industry, should consider how to leverage their existing technology to improve their security posture. For example, solutions that take advantage of DDI – a combination of DNS (Domain Name System), DHCP (Dynamic Host Configuration Protocol), and IPAM (IP Address Management) services, which are already used for device connectivity – can provide visibility into network activities down to the device level.
In addition to this, DNS security is essential for a zero trust approach. Given that more than 90 percent of threats that enter or leave a network will touch DNS, the DNS layer is an ideal place to detect potential threats. DNS security can help IT teams spot threats that other security tools miss, accelerate threat hunting, and reduce the burden on stretched perimeter defences. It helps them get more value out of third-party security solutions, through real-time, two-way sharing of security event information and through automation, which lowers the costs associated with manual effort and human error.
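To make the device-level visibility described above concrete, here is an added example (not from the article or any Infoblox product) that joins DNS query logs to DHCP leases so a blocked lookup is attributed to the device that held the IP address at that moment. The log formats, addresses, hostnames and the `BLOCKED_ZONES` feed entry are all constructed assumptions.

```python
from datetime import datetime

# Constructed sample data (not from the article): DHCP leases and a DNS query log.
LEASES = [
    # (ip, mac, hostname, lease_start, lease_end)
    ("10.0.8.21", "aa:bb:cc:00:00:01", "laptop-finance-07", "2022-05-10T08:00:00", "2022-05-10T12:00:00"),
    ("10.0.8.21", "aa:bb:cc:00:00:02", "byod-phone-113", "2022-05-10T12:30:00", "2022-05-10T18:00:00"),
    ("10.0.8.40", "aa:bb:cc:00:00:03", "laptop-hr-02", "2022-05-10T08:00:00", "2022-05-10T18:00:00"),
]
DNS_LOG = [
    "2022-05-10T09:15:02 10.0.8.21 intranet.corp.example",
    "2022-05-10T13:05:44 10.0.8.21 cdn.update-check.test",
    "2022-05-10T13:06:10 10.0.8.40 WWW.Example.org.",
    "2022-05-10T14:00:00 10.0.8.99 beacon.update-check.test",
]
BLOCKED_ZONES = {"update-check.test"}  # hypothetical threat-intel feed entry

def device_for(ip, when, leases=LEASES):
    """Return (mac, hostname) of the lease holding `ip` at time `when`, or None."""
    for l_ip, mac, host, start, end in leases:
        if l_ip == ip and datetime.fromisoformat(start) <= when < datetime.fromisoformat(end):
            return mac, host
    return None

def is_blocked(qname, zones=BLOCKED_ZONES):
    """Match the queried name or any parent zone, case-insensitively."""
    labels = qname.rstrip(".").lower().split(".")
    return any(".".join(labels[i:]) in zones for i in range(len(labels)))

def flag_queries(log=DNS_LOG):
    """Return one finding per blocked query, attributed to a device via DHCP."""
    findings = []
    for line in log:
        ts, ip, qname = line.split()
        if not is_blocked(qname):
            continue
        dev = device_for(ip, datetime.fromisoformat(ts))
        # An IP with no active lease (static or rogue host) is itself worth reviewing.
        mac, host = dev if dev else ("unknown", "no-active-lease")
        findings.append({"time": ts, "ip": ip, "qname": qname, "mac": mac, "host": host})
    return findings

if __name__ == "__main__":
    for finding in flag_queries():
        print(finding)
```

Because 10.0.8.21 is leased to two different devices during the day, matching on IP address alone would blame the wrong machine; the lease time window is what ties the query to the right device.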
The COVID crisis has changed the way we work – potentially forever. As long as people continue to work remotely – even only once a week – the use of home WiFi networks will continue to increase the threat of compromise. It’s essential, then, that organisations have sufficiently robust security strategies in place to meet the demands of the hybrid era. A zero trust approach, supported by DDI metadata and DNS security, will help businesses adjust.