In the last 12 months, 81% of organisations have suffered a security breach. That’s an average increase of 52% in just one year.
In the context of everything that has happened over the last few years, one can’t help but wonder – how much can we blame this increase on the impact of the pandemic and specifically, the move to more remote working? As a semblance of normality returns for many of us around the world and businesses consider future working practices, will these numbers and therefore security be used as a reason to force remote workers back into the office?
This was the big question posed in the first episode of our new blog content series ‘Convergence’ which looks at the gradual convergence between three distinct technology areas – networking, security and digital workspace – as a consequence of widespread multi-cloud strategies across business.
Our expert panel of Nick Cross, vice president of networking and security sales, VMware EMEA, Ralf Gegg, vice president of end user computing sales, VMware EMEA and David White, director of security solution engineering, VMware EMEA discussed what businesses need to change to find the balance between flexibility and security for a hybrid future.
Are businesses ready for hybrid working?
The topic of hybrid working has been covered exhaustively in the media, but that doesn’t necessarily mean that businesses have got themselves in a position where they can successfully and effectively support a hybrid working model.
For Nick, the answer to that question and any effective hybrid strategy has to start with data availability. To make hybrid work, your employees must be able to access data from anywhere securely. For many businesses that means a modernisation of infrastructure.
But, as Nick said, “similar to the London Underground in the UK, you are limited by how much you can modernise the connections based on your current state, your starting point”. With networking as the underlying fabric that connects everything together, many businesses need to upgrade their older networks to accelerate the transition to the digital workspace.
Is this also the case for security?
As David argued, “a successful cyber attack is almost inevitable, whether the workforce is at home or in the office”. As new technology comes online the bad guys will very quickly find a way around it. The issue is that securing a home working environment is more complicated than securing an office environment. IT teams have to secure not just laptops but also home WiFi networks that they’re accessing.
These more complicated requirements are where the rise in attacks over the last 12 months likely stemmed from. At the start of the pandemic, employers were focused on providing the hardware that employees would need to continue working and the focus on security took a back seat.
Now, businesses need to adopt a different method of security from the traditional perimeter approach. Nick picked up that thread. Security used to be a moat around the castle. With remote/hybrid working, there are now thousands of castles all over the place. To support remote workers, businesses are integrating more devices and connecting them into the network – out of the edge, into the cloud and back into the corporate datacentre.
Modern security is about implementing unified security at the core control layers – endpoints, networks, identity systems, clouds and the workloads running on them. It’s about making security intrinsic, not a bolt on solution.
What is the impact on businesses that don’t upgrade?
From a security perspective, businesses that don’t have robust tools or training in place are simply low hanging fruit for the bad guys.
From a consumer experience perspective, it’s no longer acceptable to get “due to the pandemic, there is a longer than usual delay” message when contacting companies, believes Nick. The companies that adapted quickly and implemented new security and networking models are providing a better consumer experience.
They have also – according to Ralf – “not only leveraged remote work for office workers but tried to expand the concept of hybrid work to the business – retail, manufacturing, logistics – optimising their business for the new hybrid work styles” and that is where true innovation is taking place.
To conclude – is security a good enough reason not to adopt hybrid working?
From David’s perspective, while the bad guys may adapt, so does security and today businesses can access anywhere workspace tools with security built in to make them more robust but also less restrictive. This includes the increasingly flourishing app culture that comes with hybrid working so for Nick, being able to provide secure access to the apps that help people do their jobs will be paramount.
Ultimately – said Ralf – the traditional campus-based model with VPN should be gone. Architectures for hybrid working are all about flexibility and that is where IT departments are heading.
For all three of our panel members, the benefits of the hybrid model – flexibility, better work-life balance, staff attrition, productivity – are too good to resist. By adapting, converging and modernising security and networking, businesses won’t have to.
To listen to the conversation and future episodes of the ‘Convergence’ content series click here. Next up in the series, we will be discussing the divisive topic of employee surveillance.