Cloud Security Challenges in the Next Phase of WFH

As remote work becomes the new normal, organizations must address their cloud security to protect their data and employees

Many organizations have been operating with a newly expanded remote workforce for several months now. And while most of the original challenges related to getting these remote workers up and running have been addressed, such as ensuring everyone has a secure device and connection, there are still serious security challenges to be addressed.

One of the most pressing challenges is the attitude that security for remote workers requires less time and fewer resources than traditional security because the organization’s remote worker strategy is only temporary. Setting aside for the moment the issue that cybercriminals have been ramping up their targeting of remote workers, the fact is that for a growing number of organizations, this remote worker paradigm is going to be the new normal.

Remote Work is the New Normal

A recent UK survey, for example, shows that 1 in 3 office workers want to continue working from home. And in the U.S., according to a recent Gallup poll, only 1 in 4 workers want to return to the workplace once restrictions are lifted. And this trend isn’t just limited to workers: According to a recent Gartner survey, 82% of company leaders plan to allow employees to work at least some of the time remotely.

This trend has already taken hold at a growing number of large organizations. Facebook, for example, announced that it will permanently shift tens of thousands of jobs to remote work and that up to half of its employees could be working remotely within five to 10 years. Jack Dorsey, the CEO of both Twitter and Square, recently informed his employees that they could continue working from home “forever.” Nationwide Mutual Insurance Company, which has regional headquarters across the country, just announced that it will shift employees at most locations to a permanent remote work environment. And Barclays, the multinational UK investment bank and financial services company, has announced the same thing.

Getting Serious About Remote Worker and Cloud Security

All of this means that it’s time for organizations to get serious about implementing the kinds of security necessary not only to secure the remote worker edge and inspect VPN connections, but also to make this part of a unified, comprehensive strategy that includes cloud-based resources and ties all of it into a single, integrated security framework designed to simplify management and expand visibility and control.

Fortunately, most organizations now have the data and insight they need to understand how remote work has been impacting their applications, life cycle and IT infrastructure—including how it affects traffic to applications that are located on-prem and in the cloud.

Baseline Traffic and Behaviors

The first step is to baseline how today’s network traffic, workflows, applications and security events compare to how they looked yesterday. This will reveal areas in the network that have been the most impacted by new traffic patterns, including new choke points and areas where there are more threats than in the past. Many organizations are seeing new bottlenecks associated with access to cloud-based systems and applications, and quality of experience is being affected as a result. However, many organizations may not be in a position to baseline behavior across their entire distributed network as they have different security solutions in place on-prem and in the cloud.

Identify New IT Patterns, Both On-Prem and in the Cloud

Another area that desperately needs attention at many organizations is the identification of new IT service management patterns. This includes what changes IT had to make to get the workforce up and running remotely, what impact those changes had, and any additional changes that will need to be made based on new traffic patterns and cloud deployments.

And while remote workers were likely accessing cloud resources long before the current crisis, a couple of things may have changed that need to be addressed. For example, because remote workers are no longer accessing cloud resources from behind the corporate firewall, significant pressure is being placed on cloud-based security solutions. This is especially true if such security was initially implemented with the idea that traffic would only flow to and from a secured environment.

Likewise, the IT life cycle with regard to the cloud may have also changed. For many organizations, IT administrators may now be accessing the cloud more than they did in the past, which may require additional layers of protection. IT teams need to baseline IT behaviors with these points in mind, along with whatever cloud resources remote employees may now be accessing.

Assess Current Risk

In this new networking environment, where are your cyber threats coming from? And what do you need to address them in terms of risk management? Remember, as the attack surface changes, so do threat vectors. Many cybercriminals have shifted their attack strategy by reducing their volume of traditional network-focused attacks, replacing them with tactics such as phishing designed to exploit potentially less secure remote devices and novice teleworkers. And as more applications and resources are moved to the cloud to better accommodate remote workers, cybercriminals are also looking to steal cloud access credentials.

Cloud Security: Getting Started

Making the necessary changes required to secure this new remote worker environment requires looking at technologies designed to provide visibility across all three of these areas. For example, integrating the logs and alerts being generated by remote workers into the broader security architecture is essential if IT teams want to get serious about seeing and addressing new threats.

It starts with replacing stovepiped security solutions with a broad, platform-based architecture designed to span the entire distributed network, including endpoint devices, remote connections, physical networks and databases and the whole range of distributed, multi-cloud services. Next, security tools need to function as a single, integrated system, sharing threat intelligence and automatically responding to threats in a coordinated fashion. Such an approach enables security and networking devices alike, regardless of where they are deployed, to participate in a holistic and active threat detection and response strategy.

And it requires technology designed to maintain the high-performance requirements for business-critical applications being delivered to individual workers across the public internet by integrating network security with endpoints, applications and multi-cloud environments.

Combining remote workers with the cloud can enable immense business opportunities. But without the right security infrastructure and operational framework in place, the cloud presents serious security challenges that can have far-reaching repercussions. However, by integrating every security element across the entire attack surface, automating security across multiple clouds and developing cloud-specific security frameworks coupled with centralized policy management for regulatory compliance, security can stretch across the full application life cycle. This ensures a secure cloud services hub that can meet the demands of remote workers today and tomorrow.


Lior Cohen

Lior Cohen is Senior Director of Products and Solutions – Cloud Security at Fortinet. He has over 20 years of experience working in the information security, data center network and cloud computing spaces. Lior serves as Fortinet’s lead for cloud security solutions with a focus on securing enterprise public cloud-based deployments and private cloud buildouts. Lior previously held a variety of vendor and customer side positions in the cloud security space, including cloud solutions architect, information security consultant and subject matter expert for SDN, virtualization and cloud networking for leading industry vendors.
