The disruption of the past 18 months has driven businesses towards remote working and decentralised IT environments. But that has created security challenges which perimeter defence strategies don’t address.
HP’s 2021 Blurred Lines and Blindspots report highlights just how significant these challenges are for enterprises. The survey found that 71 percent of office workers are accessing more company data, more frequently, from home than they did before the pandemic. The survey also found that half of office workers think of their work laptop as a personal device.
Furthermore, 30 percent of office workers admit that someone other than themselves uses their work laptop. And 70 percent of office workers admit to using their work device for personal use – such as for online shipping, games, life administration and education.
This personal use of work laptops is taking place amid several related cybersecurity challenges for companies. These include the use of personal, consumer-grade IT equipment, such as home Internet routers and printers, to access corporate networks. There has also been a sharp increase in malware and phishing scams. And of course, some IT personnel may find it more difficult to patch operating systems and other software when they are not at their work premises.
Securing decentralised IT environments
Traditionally, enterprise security has been orientated towards perimeter security – which is geared to blocking out unwanted intrusions and data via firewalls, spam filters and intrusion detection solutions.
But management of this environment is only possible when all the devices and data centre elements are located together and the IT security team has tight control over the entire environment. That’s rarely practical with modern, decentralised IT, which is why a zero trust approach to security is typically better.
Zero trust security uses permissions, network segmentation, layer 7 threat prevention and granular user-access control in a way that assumes that every device and user connecting to the network is not trustworthy, even if they’ve been previously verified.
The need for zero trust is increasing with enterprises embracing the cloud for critical workloads. Earlier this year Gartner predicted that cloud security spending, driven largely by zero trust solutions, would increase by 41.2 percent (from a small base) between 2020 and 2021.
The channel opportunity
CIOs and their security teams face three challenges when shifting to zero-trust security:
- A piecemeal approach creates security gaps. Zero trust is an all-or-nothing approach, making IT environment particularly vulnerable through the transition.
- Zero trust security requires ongoing monitoring and administration. It relies on strictly defined permissions for every application and process, each tied to an individual. Permissions must be kept up to date as the workforce changes. So zero trust security solutions should make that work as straightforward as possible.
- Zero trust can slow down work by requiring people to constantly manage their permissions and ensure they have access to critical files. CIOs and security teams therefore need to ensure that the zero trust security solutions don’t compromise productivity.
These challenges make zero trust an ideal solution for the channel, which can architect solutions to deliver security without compromising work. And MSPs can facilitate the management and maintenance of zero trust environments.
HP Wolf Security – a new breed of zero trust endpoint security
To enable the channel to do this, HP has introduced the HP Wolf Security, which is a portfolio of PCs and printers, hardware-enforced endpoint security software, and endpoint security services designed with zero trust principles.
HP Wolf Security implements protection on the most vulnerable devices – PCs and printers located in home offices. And it harnesses state-of-the-art technologies to reduce pressure on IT teams. These features include self-healing firmware, in-memory breach detection and threat containment via virtualisation and cloud-based intelligence.
Additionally, HP Wolf Security is designed to shrink addressable attack surfaces, enable remote recovery from firmware attacks, enhance threat data collection and deliver high fidelity alerts.
HP Wolf Security has a small and mid-size business offering, enabling channel companies to provide security technology typically reserved for enterprise IT environments to SMEs. Features include threat containment, malware prevention, identity protection and hardware security.
This new breed of endpoint security solutions provides the channel with a renewed opportunity to help protect Australian businesses of all sizes continue adapting to hybrid working.
And with research commissioned by the NSW Government showing that almost 60 percent of SMEs larger than a micro-business do not feel well-informed about the risks of cybercrime, help is indeed needed.
For more information about HP Wolf Security, click here.