Zero trust in a hybrid working world


While hybrid work predates the Covid-19 pandemic, the last two years saw companies rely primarily on remote work for operations. What began as a 'temporary fix' is here to stay.

But, whilst employees enjoy the flexibility of connecting to the corporate network from anywhere, security teams have been left to pick up the pieces. It's no longer enough to build a moat around the office park to keep employees safe. In this landscape, the attack surface is much broader. Each worker's device connecting from home is a new potential vulnerability for bad actors. Protecting the network far and wide has never been more important. It has also never been more difficult to achieve.

A complex landscape

Hybrid work isn't just about people working in different places. It's also about the expansion of the network. Once upon a time, a worker went to an office park and connected a work computer to the corporate network. As employees work from home on relatively less secure home networks, devices such as smartphones, internet-connected doorbells, home routers, and even baby monitors are introduced as avenues of potential compromise.

To make matters worse, whilst everything seems to be getting smarter and more connected, the reality is that some devices just aren't being designed for our new world from a security perspective. If these devices aren't protected properly, they could negatively and seriously impact both businesses and the general population.

No matter how paranoid it sounds, a key ingredient of a successful security strategy today is to assume that your systems have already been compromised. An organisation needs to take for granted that all connections are insecure and everyone is a potential threat, even its own employees. Companies should adopt this "zero trust" approach to implement the most proactive security to protect their expanded and hybrid IT infrastructure.

Trust no one

A zero trust framework provides the highest level of defence in depth. Its many layers mean that, as data flows through an organisation's network, all parties undergo restriction, reauthentication and validation at every point. This enables the organisation to protect every app and device connected to that network. It also limits the damage that adversaries can do if they do get inside, making mitigation and recovery much less costly. In fact, last year's Cost of a Data Breach Report by IBM found that fully deployed zero trust models saved companies 43 per cent on average when it came to costs associated with a data breach.

When it comes to zero trust, modern security technologies such as DNS (Domain Name System) play a foundational role by granting security teams unparalleled visibility. Every device that enters or leaves a network, whether it is authorised or not, must touch DNS. As a result, DNS has the power to see every connection point, enabling IT and security teams to know exactly what each personal, corporate, and IoT device is doing at all times. By merging DNS with DHCP (Dynamic Host Configuration Protocol) and IPAM (IP Address Management) into a single solution, IT teams can detect threats at the earliest stages, identify compromised machines and correlate disparate events related to the same device.

Adding these types of security and threat intelligence services accelerates threat hunting, which helps an organisation's existing security investments to perform better, no matter where employees are logging on from. For example, if the DNS Firewall detects and blocks a request to a malicious site, it can automatically trigger the network access control system to quarantine that user into a sandbox until it can be further researched by an analyst, dramatically reducing the time and effort needed to track down and isolate infected devices.
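The correlation described in the two paragraphs above, as an added example that is not from the article or from any vendor product: it attributes DNS firewall blocks to the device (MAC address) that held the client IP at that moment, using DHCP lease history, so that IP reuse does not blame the wrong machine. The log tuples, function names, the quarantine threshold and the rule that a lease lasts until the next grant for the same IP are assumptions made for illustration.

```python
from bisect import bisect_right
from collections import defaultdict
from datetime import datetime

# Constructed sample data (not from any real network).
# DHCP lease grants: (time, ip, mac, hostname)
DHCP_LEASES = [
    ("2024-03-01T08:00:00", "10.0.5.20", "aa:bb:cc:00:00:01", "laptop-alice"),
    ("2024-03-01T12:00:00", "10.0.5.20", "aa:bb:cc:00:00:02", "cam-lobby"),
    ("2024-03-01T12:05:00", "10.0.5.31", "aa:bb:cc:00:00:01", "laptop-alice"),
]
# DNS firewall block events: (time, client_ip, blocked_qname)
DNS_BLOCKS = [
    ("2024-03-01T09:15:00", "10.0.5.20", "c2.example.invalid"),
    ("2024-03-01T12:30:00", "10.0.5.31", "c2.example.invalid"),
    ("2024-03-01T12:40:00", "10.0.5.20", "ads.example.invalid"),
    ("2024-03-01T07:00:00", "10.0.5.99", "c2.example.invalid"),
]

def _ts(s):
    return datetime.fromisoformat(s)

def build_lease_index(leases):
    """Map ip -> time-sorted list of (grant_time, mac, hostname)."""
    index = defaultdict(list)
    for t, ip, mac, host in leases:
        index[ip].append((_ts(t), mac, host))
    for grants in index.values():
        grants.sort()
    return index

def owner_at(index, ip, when):
    """Return (mac, hostname) holding `ip` at `when`, or None if no lease is on record.
    Assumption: a lease stays valid until the next grant for the same IP."""
    grants = index.get(ip, [])
    pos = bisect_right([g[0] for g in grants], when)
    return grants[pos - 1][1:] if pos else None

def correlate(leases, blocks, threshold=2):
    """Group blocks by device (MAC) rather than IP; threshold is an assumed policy knob."""
    index = build_lease_index(leases)
    per_device, unattributed = defaultdict(list), []
    for t, ip, qname in blocks:
        owner = owner_at(index, ip, _ts(t))
        if owner is None:
            unattributed.append((t, ip, qname))  # no lease history: analyst review
        else:
            per_device[owner[0]].append((t, ip, qname))
    quarantine = sorted(m for m, ev in per_device.items() if len(ev) >= threshold)
    return dict(per_device), quarantine, unattributed
```

The returned quarantine list is what would be handed to the network access control system; the unattributed events are the ones IP-only logging cannot tie to a device.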

With hybrid work here to stay, security strategies need to catch up to protect the expanded attack landscape. Organisations need to have the tools and steps in place to authenticate users, limit access and boost visibility across the entire network. Zero trust offers the best framework yet to get hybrid security right.

Max Locatelli is regional director Western Europe at Infoblox