How businesses can stay cyber secure in the new normal of remote work

Gone are the days when everyone worked from the office, shielded by a firewall keeping out various threats. Employees now have to switch to working from home whenever Covid-19 restrictions are tightened, relying on their home networks and devices to work remotely - from anywhere.

The pandemic has not only brought about a radical shift to remote working, but also created new security challenges for businesses. The recent high-profile cases of ransomware attacks, such as the ones against Colonial Pipeline and JBS in the United States last month that resulted in millions of dollars extorted, have set off alarm bells across the world.

For one, the traditional perimeter-based network defence is no longer feasible. To start with, there aren't any physical perimeters to defend any more, as people are connecting from everywhere. Companies have to make sure that staff are not only connected but also connected securely.

It has become too operationally intensive to manage the surge in the number of devices accessing work applications remotely via the unprotected public cloud as well as the multitude of security solutions, adopted over the years to target different security concerns.

The pandemic also forced businesses to accelerate their digital transformation and move more applications and data onto the cloud environment. The reliance on cloud computing will continue to grow as businesses adopt digital-first and contactless strategies, and harness the power of Big Data, Artificial Intelligence and other emerging technologies to drive digital transformation.

New challenges in the new normal

BT in your inbox

Start and end each day with the latest news stories and analyses delivered straight to your inbox.

Sign Up

Sign Up

The PwC Digital Trust Insights Survey 2021 found that nearly half of the Singapore companies surveyed are prioritising accelerated digitalisation (for example, e-commerce models, direct to consumer, new business models, virtual workforce) over anything else in the next year. About 42 per cent of organisations in Singapore are also accelerating cloud adoption, notes the survey of 3,249 business and technology executives from around the world.

While cloud services have enabled business continuity and brought about benefits such as increased connectivity and ease of remote collaboration, the increased complexity of cloud computing has opened up more security gaps. For instance, last year's Thales Data Threat Report (Asia-Pacific Edition) showed that only 52 per cent of sensitive data in the cloud is protected by encryption. Two-thirds of Asia-Pacific organisations also feel vulnerable to internal attacks, with nearly half (45 per cent) suffering a breach or failing a compliance audit in the last year.

As 5G networks become common in Singapore and the world, even larger amounts of data will be generated from IoT (Internet of Things) devices and machines distributed across business networks and infrastructures.

Increasingly, more data will be generated and analysed nearer to these multiple sources. Gartner estimates that about 75 per cent of enterprise-generated data will be created and processed outside a traditional centralised data centre or cloud in 2025. The figure was 10 per cent in 2018.

Clearly, there is the need to not just protect highly centralised cloud computing networks, but also create a stronger edge network closer to where the data is being generated for quicker processing and analysis.

Singapore executives are keenly aware of the increased security risks of doing business digitally. According to the PwC Digital Trust Insights Survey 2021, they said the threats that are most likely to occur in the next year and potentially the most devastating are attacks on IoT (77 per cent voted "highly likely"), cloud service providers (65 per cent), and social engineering (74 per cent).

New security solution for businesses

Yet, even for many mid- and large-sized organisations that do have a dedicated IT or cyber security team, the security challenges in the new normal may look daunting. The solution lies in a combination of customisable cyber security tools to protect network assets against heightened cyber threats.

Enter SASE, or Secure Access Service Edge.

This solution is, in fact, an approach that spans different security technologies, consolidating digital networks and cyber security functions while providing enhanced protection and optimised performance.

SASE consists of security-as-a-service offerings that typically come with a number of protection layers to keep out cyber threats. They could include a firewall and a cloud-secure gateway, for starters.

At the same time, such solutions would also enable businesses to start providing zero-trust network access and deploy a cloud-access security broker. With this, they can set up features such as Internet security, threat prevention, Web address filtering, sandbox detection and DNS (domain name server) security.

Simply put, SASE is about authentication at the application level (user and device), granting access to specific applications rather than to the entire network. It enables enterprises to expand their network perimeter to edge networks to provide secure access to any remote user, branch office, device or application.

SASE also has extensive wide area network (WAN) capabilities such as software-defined networking (SD-WAN). Besides supporting organisations' successful migration to the cloud, it also provides security and network services at optimal speeds to enable remote workers to better connect to IT infrastructure. This includes on-premise data centres, public or private clouds as well as other Software-as-a-Service (SaaS) set-ups.

According to Gartner's 2021 Strategic Roadmap for SASE Convergence, at least 60 per cent of enterprises will have explicit strategies and timelines for SASE adoption encompassing user, branch and edge access by 2025. This is up from 10 per cent in 2020.

These are impressive growth numbers, and for good reason.

SASE extends a simpler infrastructure with secure protection for users, applications and data on the cloud regardless of device, location or network in the new normal of remote work and rapid digitalisation. The best part: It is easily scalable according to business needs.

Gartner also predicts that 30 per cent of all enterprises will adopt cloud-delivered SASE services by 2024, up from 5 per cent in 2020.

Cost-effective and customisable

This is why StarHub has teamed up with Palo Alto Networks, the global leader in cyber security, to deliver the Managed SASE solution to enable businesses to modernise their infrastructure and beef up security to help protect their network assets spanning offices, remote workplaces and cloud environments.

More than just being an effective security solution, this offering from StarHub makes things simple and more flexible for organisations by eliminating the need for complicated, outdated stacks of security solutions.

This is especially critical for today's uncertain times, as businesses need to adapt quickly to evolving situations and make changes swiftly in order to thrive. They will require a suite of customisable cyber security solutions that best fits their needs in their digital transformation efforts.

Business customers of StarHub's Managed SASE only have to deal with one service provider instead of several. Furthermore, instead of buying and managing multiple point products, having a single platform will dramatically reduce costs and IT resources.

Just as importantly, StarHub's cloud-delivered solution reduces complexity. Businesses can simplify their IT infrastructure by minimising the number of security products their IT teams have to manage. They can consolidate their security stack into a cloud-based network security service model.

StarHub's team of specialised consultants also provide 24/7 change management and support for the Managed SASE services, freeing up their in-house IT teams for more value-driven work.

A Managed SASE solution like StarHub will prove critical in a fast-moving and unpredictable business climate, where agility matters even more.

It will help businesses unite networks and network security on their transformational path to become more agile and digital. This way, they are better positioned to respond faster to disruptions or crises.