The current realities of the COVID-19 global pandemic have forced many enterprises into new remote working practices. While remote working has been steadily increasing in recent years, for many organizations in services, education and government this may be the first time they’ve adopted teleworking in a big way. The recent surge has created several new concerns in terms of network security. One of the biggest challenges is that the change came suddenly, without warning. There was no time to prepare and get the needed infrastructure in place. No time to set up secure remote working practices and devices, and train employees accordingly. So now, network and security teams need to find a solution quickly to scale their firewalls.
Increase in traffic
The sudden swell in the number of people needing access to the enterprise network from a remote location has resulted in higher traffic volumes and hundreds or thousands of simultaneous connection requests. It also means there are large amounts of encrypted traffic entering the network. To cope with this demand and keep the firm secure, some large organizations have had to rotate access and set up schedules to cope with capacity. This may work in smaller, less mission-critical industries but it isn’t ideal, and it isn’t sustainable.
Increase in the use of personal devices
For those firms where the majority of employees normally work in an office using a company-owned computer, there’s another security threat. More remote workers are currently using personal devices to access the enterprise’s network, and these aren’t always as well protected as internal devices. Many employees are using their smart phones which aren’t renowned for robust security. To add to the challenge, home routers are notoriously insecure.
“The risks — including insecure WiFi connections; open printer ports; browsers with all manner of unvetted plug-ins, trackers or social media feeds; document shares on unprotected cloud folders; and more — will give us fits,” says Jim Purtilo, associate professor in the computer science department at the University of Maryland.
Increase in COVID-19 related malware
Unfortunately, cyber criminals are exploiting an already horrific situation with phishing emails which purport to be about the virus. With heightened levels of anxiety, it’s no surprise some employees are clicking on these emails, landing them on malicious websites. According to Colin Bastable, CEO of security awareness training company Lucy Security, “over 90 percent of attacks are delivered by email.”
Remote workers can also be more vulnerable as they may be more distracted at the moment. The reality is that employees are simultaneously completing work-related tasks while browsing shopping sites or personal social media platforms. This means they may not pay the attention they normally would to a suspicious email. Users are typically the weakest link in any security policy, and with workers being remote it’s much harder to remind them of good security practice and enforce it.
The need to scale traffic inspection
Because of these challenges, security and network architects need to be able to respond immediately to increases in encrypted traffic, unsecured devices and cyberattacks. They need to be able to scale traffic inspection so they get 100% SSL/TLS visibility and turn on NGFW features that may have previously been disabled due to performance issues.
It’s impossible to do that at the push of a button using the traditional, hardware-centric approach to network security; it’s too costly and time consuming to install a new firewall to cope with the sudden surge in capacity and inspection. And in some cases or regions, this may not be possible during COVID-19 restrictions.
The current situation highlights that we need to move to network security virtualization and deploy a platform which allows us to elastically add virtual firewall capacity rather than being forced to upgrade specialized, single-purpose hardware. We have to be able to spin inspection capacity up or down, using however many virtual NGFW instances, with a user-friendly dashboard which intelligently orchestrates and manages all those VMs. This turnkey approach to virtualization provides the flexibility and scalability we need when things change suddenly.
While we all hope the COVID-19 situation is resolved quickly, the fact that more people are currently working from home may prompt employers and employees to switch to more remote working, making these security considerations a long-term issue. Even when staff return to the office, network traffic needs, the traffic mix and the amount of encrypted traffic are only going to increase. It’s impossible for anyone to accurately predict the exact amount of traffic, traffic mix, or number of users a firm will need on any given day in the future. That’s why security professionals need the agility to scale traffic inspection at the push of a button and at a moment’s notice.
Contact Corsa Security to discover how a turnkey network security virtualization platform can scale your traffic inspection to examine 100% of your traffic.