In light of current events, many organizations are feeling the effects of life’s unpredictability. With many organizations canceling in-person events and meetings and mandating temporary work-from-home policies, companies are quickly realizing just how prepared they really are in the wake of unexpected events. In the seventh blog of our business continuity series, we’ll identify the security risks to keep in mind when enforcing a broader remote work policy in uncertain times such as these. We will also cover how VMware Workspace ONE helps you stay productive and secure irrespective of where you are working from.
In planning for business continuity in unforeseen events such as the current situation, most companies are doing their best to ensure the safety of their employees and smooth operation of the business. While many organizations have been quick to announce flexible work options, not everyone has the security infrastructure that adapts to this work environment. Securing enterprise is a lot easier when all the endpoints (laptops, mobile devices, etc.), applications and users are within the network perimeter than when they are outside. Traditionally, securing the network perimeter has been the recommended and go-to approach for most enterprises, but as workstyles have become flexible and technologies such a mobile and cloud have matured, a Zero Trust model for security is gaining traction. Unlike the traditional security model, Zero Trust does not implicitly trust any device, user or app and instead continuously verifies trust across all three before granting access to data. Such a security model offers greater flexibility and choice to employees to work from anywhere and from any device while ensuring optimal security at all times.
Intrinsic Zero Trust
Even when organizations have heard about Zero Trust or believe that Zero Trust is the right approach to address the security needs in a dynamic environment, many have not taken a holistic approach to deploying it, instead choosing single point solutions and then trying to stitch them together in some fashion. Lack of an end-to-end security that is well integrated again leaves holes in the security posture making the infrastructure vulnerable to future threats. VMware Workspace ONE instead builds right into the platform all the capabilities required to verify trust across users, devices and applications before granting access to enterprise data – bringing true Zero Trust model to bear.
Any employee irrespective of where (home, office, coffee shop, etc.) they are will almost certainly use a device (mobile, laptop, etc.) to access email, attend meetings or find enterprise information on any regular day. Using its Unified Endpoint Management capabilities, Workspace ONE is able to quickly verify if it’s a trusted device. Additionally, as the user inputs their credentials, Workspace ONE’s Access technology seamlessly brokers between a variety of identity stores and providers and offers a single sign-on (SSO) access to mobile, SaaS, web and virtual applications. As needed, it is also able to invoke native MFA or other third-party MFA solution to add an additional layer of security before granting access to the corporate information. Tying the device compliance and user credentials is our analytics and automation engine we call Workspace ONE Intelligence. Leveraging machine learning, Intelligence works on data it gathers from the Workspace ONE platform, Carbon Black’s Endpoint Solutions and our Trust Network partners to give IT and the security teams complete visibility into the IT infrastructure. Further, using its automation engine and orchestration capabilities, Intelligence orchestrates various ITSM tools (Service Now, Slack etc.) and even automates remediation efforts (push software updates and security patches, quarantine device, block access to an app, deny access to data and more.)
When the risk is deemed low and the user and device are considered trustworthy, Workspace ONE then allows access to Enterprise applications that may reside either in the cloud or the datacenter. When accessing data behind a firewall, Workspace ONE can allow only per-app VPN access to the datacenter, thereby further reducing the attack surface for any threat. Encryption is checked both at rest and in-motion to ensure the integrity of the data is maintained throughout the session, giving an added level of confidence.
Depending on the use-case, using virtual applications and desktops may be most useful for an enterprise which gives customers another level of security. But by integrating it with Workspace ONE, your company can ensure consistent user experience, Zero Trust security, continuous communications via Workspace ONE Intelligent Hub, and – most importantly – uninterrupted productivity.
While it’s tempting to react and address the immediate disruptions caused by any unforeseen event, it’s equally important to remember that security cannot be an after-thought. Protecting your reputation, securing your sensitive data and ensuring maximum productivity is a marathon and needs thoughtful preparation. Bad actors have already harvested the situation to plant info-stealing malware onto vulnerable devices. The best you can do is to be proactive and invest in a solution that helps you to PREVENT, DETECT and REMEDIATE as quickly as possible for business continuity and productivity.
Each day over the next few weeks, we will be rolling out a series of posts and resources around business continuity. We also hosted a business continuity webinar, Pandemic Preparedness and Response: How to Quickly Set Up a Remote Workforce for Success, that you can watch on-demand.