Skip to content
Tiatra, LLCTiatra, LLC
Tiatra, LLC
Information Technology Solutions for Washington, DC Government Agencies
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact
 
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact

Security Models of Tomorrow for Work from Anywhere

By Sean Duca, Regional CSO, JAPAC

In the early spring of 2020, as the world shifted to work remotely, security models used by many organizations were put to the test.

Remote work was not a new thing, but never before had it been needed at the same scale and urgency. While many organizations used to have some employees working remotely, few were ready for everyone to be remote. The big question facing all organizations was how to maintain business continuity.

Falling back on using VPN to enable secure remote connectivity worked in some instances. Few were lucky and ordered additional licensing, but many were not, as compute infrastructure could not meet such an increased workload. For the many, it was too late to make any significant changes, so they had to ride the storm, work within the constraints of what they had, and plan for a refresh of technology at the first given moment of respite. With scalability being a significant challenge around VPNs, the bigger issue is that many applications used in organizations today reside in the public cloud or are SaaS applications. Perhaps due to these shortcomings, in recent months, an increasing number of organizations have started to examine different ways of enabling secure connectivity out to the edge and the cloud.

Yesterday’s Security Model Isn’t Right for Tomorrow

In the past, secure remote connectivity was fixed and finite. Organizations would typically allow only a certain number of people to connect to the VPN appliances, restricted by licenses. Those remote connections were also fixed, but the applications were set in terms of their location.

Things move far too rapidly to have fixed resources in place in the modern world, and no one knows what tomorrow holds. As a result, flexibility will reign wherever people work, whether in the office, at home, or anywhere in between, for the foreseeable future.

Applications are also on the move. Gone are the days when most of an enterprise’s applications reside entirely within the four walls of its own data center. Instead, applications and data today reside everywhere: on-premises, in the cloud, and at the edge. As a result, a single enterprise perimeter no longer exists.

Securing the Pervasive Perimeter

If the enterprise uses 25 different SaaS-based applications, the enterprise needs to secure each of those tiny data islands out there. Every application and data source needs to be secured. The enterprise must have visibility into how every user is accessing resources, whether they are in the office or remote.

For me, the whole work-from-anywhere model in the hybrid workplace that we have now got comes down to two key things: the need to secure user access and to provide users with what they require to connect to whatever resources are necessary. The remote connectivity needs to be as secure as if the user was sitting in the corporate office. They need to consume everything the same way, at that same level of security.

Inside the four walls of the enterprise, there are typically various security solutions protecting users. That is part of the reason the notion of just having a VPN for providing connectivity to enable remote work falls short. Instead, enterprises must have a degree of inspection and a level of security rigor to minimize the risk that organizations face every day.

Get Out of the Shadow (IT)

To be fair, all the controls that enterprise IT placed on users didn’t always work either. For example, a common challenge with centrally secured IT resources is the issue of shadow IT, where users would go around their IT departments if they couldn’t get the resources they needed.

As we’re thinking about the security models of tomorrow, it’s an opportunity to try and step out of the shadows. Now is the moment to work closely with our users to determine which applications they use and want—ones that will make them more productive—by leaning in, talking to users, and soliciting as much feedback as we can. Why? Because sometimes, we don’t know all the answers until we ask.

Shadow IT was always about productivity. Embracing a security model that supports the way users want to work, with the applications they need, will let them do their jobs better.

Survive. Thrive. Optimize.

The first phase of enabling remote work in the face of the pandemic was just about survival and making sure work could continue. The second phase was all about making the best of the situation and attempting to thrive. Now it’s time to optimize and build out the security model of tomorrow for work from anywhere to reality.

Providing a secure model for hybrid work requires agility, and it demands scalability. Gone are the days when security and remote work was only enabled by boxes and fixed licenses that limited the ability of organizations to support hybrid work properly.

What is needed is an always-on model that is cloud-delivered, available on-premises and at the edge. In addition, it is a model that should scale up in terms of resources and capabilities as needed

The secure access service edge (SASE) approach is a great model for enabling hybrid work with software-enabled paths. Layering in Zero Trust with SASE helps protect the pervasive perimeter and the various silos of applications and data that users access every day.

It is unknown what the world of tomorrow will be. Who knows what it will throw at us, but we know that there is a need to be nimble and agile. Security needs to be flexible and elastic to wrap around users’ needs, wherever they are, and no matter how they access applications.

Learn more about maintaining a secure hybrid workforce with a holistic cybersecurity platform.


Read More from This Article: Security Models of Tomorrow for Work from Anywhere
Source: News

Category: NewsDecember 23, 2021
Tags: art

Post navigation

PreviousPrevious post:Beyond the Cyber Buzzwords: What Executives Should Know About Zero TrustNextNext post:Centene CIO Mark Brooks on building IT’s business relevance

Related posts

Barb Wixom and MIT CISR on managing data like a product
May 30, 2025
Avery Dennison takes culture-first approach to AI transformation
May 30, 2025
The agentic AI assist Stanford University cancer care staff needed
May 30, 2025
Los desafíos de la era de la ‘IA en todas partes’, a fondo en Data & AI Summit 2025
May 30, 2025
“AI 비서가 팀 단위로 지원하는 효과”···퍼플렉시티, AI 프로젝트 10분 완성 도구 ‘랩스’ 출시
May 30, 2025
“ROI는 어디에?” AI 도입을 재고하게 만드는 실패 사례
May 30, 2025
Recent Posts
  • Barb Wixom and MIT CISR on managing data like a product
  • Avery Dennison takes culture-first approach to AI transformation
  • The agentic AI assist Stanford University cancer care staff needed
  • Los desafíos de la era de la ‘IA en todas partes’, a fondo en Data & AI Summit 2025
  • “AI 비서가 팀 단위로 지원하는 효과”···퍼플렉시티, AI 프로젝트 10분 완성 도구 ‘랩스’ 출시
Recent Comments
    Archives
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • March 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023
    • June 2023
    • May 2023
    • April 2023
    • March 2023
    • February 2023
    • January 2023
    • December 2022
    • November 2022
    • October 2022
    • September 2022
    • August 2022
    • July 2022
    • June 2022
    • May 2022
    • April 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • September 2021
    • August 2021
    • July 2021
    • June 2021
    • May 2021
    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    Categories
    • News
    Meta
    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org
    Tiatra LLC.

    Tiatra, LLC, based in the Washington, DC metropolitan area, proudly serves federal government agencies, organizations that work with the government and other commercial businesses and organizations. Tiatra specializes in a broad range of information technology (IT) development and management services incorporating solid engineering, attention to client needs, and meeting or exceeding any security parameters required. Our small yet innovative company is structured with a full complement of the necessary technical experts, working with hands-on management, to provide a high level of service and competitive pricing for your systems and engineering requirements.

    Find us on:

    FacebookTwitterLinkedin

    Submitclear

    Tiatra, LLC
    Copyright 2016. All rights reserved.