With distributed workforces becoming the norm, cloud-based network access requires tighter security via ZTN, argues this zero trust expert.

Even before the COVID-19 pandemic began, remote-working was a business trend that was already gaining traction in Asia.

The flexibility of being able to work from wherever, whenever is appealing to both employers and employees. Therefore, many enterprises provided modest capacity for day-to-day remote-working while keeping the majority of the workforce within the brick and mortar walls of the office.

However, the current global health crisis has led countries like Japan to mandate a 70% cut to commuters in April, necessitating businesses to allow employees to work from home to ensure business continuity.

No one knows yet when the workforce could fully return to the office, but offices in Asia have to grapple with working from home for the time being.

Tackling the security concerns

While more employees are now working from home across the Asia Pacific region, using personal devices to perform work duties also raises security concerns. According to a recent study, 62% of respondents in the region used their personal devices to work remotely, while 86% used a mix of company-issued and personal devices.

These employees believed their devices were not fully secure against advanced cyber risks; 65% in Japan perceived their devices to be “somewhat secure”, and 16% said devices they used to work from home were “not very secure” or “not secure at all”.

Adopting an agile approach to security

The rise of cloud, virtualization, bring-your-own-device (BYOD), and ‘everything as a service’ has unmoored the enterprise environment with a faster migration from traditional data centres to the cloud —especially since the pandemic.

Hence, it is imperative for security to be equally agile so that secure access solutions can be flexibly deployed and scale within hybrid IT and multi-cloud environments.

Conventional perimeter defenses must be supplemented with more agile, elastic data protection approaches. Increasingly popular secure access concepts such as Zero Trust are built on the notion that apps and workloads are no longer bound to specific locations and are more likely cloud-distributed.

An evolved architecture needs to protect the data and resources wherever it is stored and however it is transmitted. Zero Trust offers a ‘verify first before grant’ methodology that aligns with today’s digital transformation efforts and mobile workforce.

The security and flexibility provided by software-defined secure access solutions are more likely to be extended whenever Asia returns to some kind of normality.

While many organizations will continue to invest in hardware, the deployment, scalability and availability benefits of virtualization and the cloud will be a more compelling investment.

The perimeter has moved and transformed. Increased remote-working is helping fuel migration to virtual, cloud and hybrid computing.

Continuous verification and authorization

The traditional data center and the brick-and-mortar office must make way for utility computing as the new digital enterprise requires greater agility, flexibility and scalability of apps, resources and data deployment.

Workers must be able to securely-use cloud apps in their home, as easily as they do in a coffee shop. To mitigate added risks, secure access must go beyond password management and incorporate multi-factor authentication, always-on VPN, security posture checking and behavioral analytics as part of a Zero Trust defense.

With Zero Trust, only authenticated users with compliant devices (including personal devices) can connect to authorized applications over any network. Organizations looking to implement Zero Trust should adopt an integrated suite of solutions that offer a simplified, modular and seamless approach that modernizes access productivity, management and control.

The adopted solution should offer a streamlined user experience, enhance security compliance and a reduced total cost of ownership. It should also be interoperable with the existing network, cloud and security infrastructure while supporting a hybrid IT model and a vast array of applications.