Zero Trust Access: Santa Claus Wasn’t the Only One Working Christmas Eve

The days from Christmas Eve to New Year’s Day are filled with celebrations. Many companies shut down and encourage their employees to take vacations. However, a sample of data comparing an average work week around the holiday, shows the idea of “downtime” isn’t exactly accurate. In fact, many users are accessing corporate applications even on holidays such as Christmas and New Year’s Day, particularly in the United States.

The maps of the US below show a heat map of user activity, users gaining secure access to corporate applications. The chart on the left is Christmas Eve, the one on the right is December 17th,a work day prior to the holiday period. Despite the reduction in activity, there are still a significant amount of users in locations across the US working on Christmas Eve. It’s clear that enabling secure access to corporate applications never takes a holiday.


One of the major challenges of enabling a Zero Trust architecture is granting users access to corporate applications from many different locations. As we noted above, many users were working over the holidays, either from vacation locations, or home. Users accessing corporate applications from multiple, formerly unknown, locations further complicates delivering these applications securely.

Many of these locations may have been high risk, such as coffee shops or unsecured wireless networks.  The chart below notes, once again, even during the holiday period, users were accessing corporate applications from many locations. You’ll notice the work days do have a larger number of locations where users are accessing applications for work. However, Christmas Eve and Christmas Day still have more data than the weekend of December 21 and 22nd.


The complexity of implementing a Zero Trust access architecture is not only enabling it at any time, from anywhere, but also for any device. Particularly mobile devices such as smartphones. In fact the data below shows that users were accessing corporate applications via their mobile phones over the holiday more so than a regular work day, and almost as much as they were on December 21st and 22nd. 



Just as users didn’t take a holiday from accessing their corporate applications, hackers didn’t either. The chart below shows the number of people who were victims of phishing attacks during the week prior and after Christmas. An interesting point to note is that hackers work weekends and holidays. The data from weekend of December 21 and 22nd is nearly identical to the data from Christmas Eve and Christmas Day. Another point to note is the days after Christmas are higher than any other day during this time period, and there is a steady uptick in victims from Christmas Eve to the days after Christmas. Users are not only accessing corporate applications during this time but they are also more vulnerable to falling for phishing scams, making those devices and applications even more vulnerable.


The data presented above shows being connected at any time from anywhere is a requirement for many enterprise users. At the same time, while Santa was not the only one working on Christmas Eve, it’s clear cybercriminals were hard at work as well, trying to gain a foothold into enterprise networks. The need to implement a Zero Trust architecture is constant, and Akamai can help. Our Zero Trust Access and Threat Prevention/Detection as-a-service at the edge, can help you deliver secure access to any user, anywhere, at any time, on any device. It can also help prevent malware and phishing attacks. Click here to learn more about our own transformation to a Zero Trust architecture, and get started on your own journey today.

*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Or Katz. Read the original post at:

Avatar photo

Or Katz

Or Katz is a Principal Lead Security Researcher at Akamai. Or is a frequent speaker at security conferences and has published numerous articles and white papers on threat intelligence and security defensive techniques. He began his research career in the early days of web application firewalls (WAFs) and he was OWASP Israel chapter lead between 2017 till 2019.

or-katz has 11 posts and counting.See all posts by or-katz