The workforce is remote, the data center is the cloud, the corporate network is the internet, and the security stack is at the edge.
In Part 1, I focused on the future of work, the most obvious feature being that the workforce is even more distributed, even more remote. Employees expect to be able to work from anywhere, not just in the office, and increasingly they do work from anywhere. Likewise, applications are no longer centralized in a data center. Rather, applications live in the cloud, maybe multiple clouds, and in many locations. Let’s not forget, also, that the threat actors and the bots they use can be located anywhere and be highly distributed.
Set against this landscape, our approach to enterprise security must change. It is natural to ask, “How do we protect our applications, our data, and our employees when everything is in the cloud and when the corporate network is spread out among employees who can and do work from anywhere?” The answer is that security has to transition from a mostly centralized appliance-based model to a distributed as-a-service model with controls delivered at the edge, as close to the users and applications as possible.
The remote workforce makes an enticing target for cybercriminals. We have seen that employees now frequently use the same devices for work and for personal activities, and this mixing makes work devices easier targets. In addition, the traditional remote access model, the virtual private network (VPN), means that if cybercriminals can gain access to the device, then they can gain access to the inside of the corporate perimeter. Enterprises need to be more focused than ever on securing remote workforces.
Enterprises also need to be more focused than ever on protecting their applications and APIs. In 2020, DDoS attacks exploded, with the largest spike at the end of June. As John Summers will discuss at Edge Live | Adapt, there has also been an increase in web application and API attacks while bot activity and automated credential stuffing continues full steam ahead. Relying on old-fashioned credential verification is too slow and too vulnerable to attacks and disruption.
To protect employees and applications, wherever they may be, from attackers, wherever they may be, Akamai’s security solutions are based on a unified security stack located at the edge. We follow the principles of Zero Trust, and we unify many of the components of the Secure Access Services Edge (SASE). With this model, security is omnipresent. Rather than backhauling user and application traffic to the security stack, we have moved the security stack to the users and the applications to the edge.
Akamai’s edge platform is uniquely positioned to deliver on the promise of shifting security and access controls to the place they matter most. To find out more, tune in to Edge Live | Adapt. Register here.
You can adapt to change — no matter how relentless or fast-paced — by registering now for Edge Live | Adapt on November 10 and 11. You can also win a high-end Beoplay Home Speaker, Macbook Air, or Apple Watch Series 6 by playing Akamai Crack the Code before Akamai Live. Take this flag with you to the challenge site, it’s the first one you’ll need and it’s worth two points:
*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Robert Blumofe. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/4d6B-AkEsSA/corporate-office-and-kitchen-table-securing-the-future-of-work-part-2.html