As the global workforce moves online, security is top-of-mind. Enterprises are grappling with securing what, in many cases, has been their entire workforce going remote, causing a strain for many security teams.
Many CISOs (Chief Information Security Officer) must secure an increasingly mobile workforce of users, vendors and contractors, often working from personal devices, accessing cloud applications that are not part of the company’s network, or otherwise risk creating new avenues for attackers.
Modern threats try to take advantage of this shift and center on gaining remote access to users’ apps and data — whether it’s with stolen passwords or exploited known vulnerabilities targeting users, out-of-date devices, cloud applications and remote access software.
Given the current increased traffic and connections to the IT environment, it’s also important to secure apps, servers and other workloads that are communicating with each other across cloud infrastructure and data centers.
“It is important to not only think about enabling remote connectivity, but also how to keep these employees secure. Cisco Security continues to receive a large number of support requests from companies that want to ensure the security of more and more employees working remotely. Cisco has provided support to customers with free security offerings for three of our key security technologies, which are designed to protect remote workers anywhere, anytime, on any device: DNS-layer security with Cisco Umbrella, two-factor authentication with Duo Security and VPN technology with Cisco AnyConnect. Since the launch of security offerings on March 10, we have added 15.3 million security users, worldwide”, said Ovidiu Neghină, Cyber Security Sales Specialist, Cisco Romania.
Traditional hardware-based security measures are effective for when teams are working within corporate walls. Cloud-based security solutions protect users regardless of what network they connect from – and enable security teams to scale faster. At the same time, an insecure but scalable solution could simply increase risk.
With more users, devices, and connections than ever before across networks, applications, and in the cloud, how can companies ensure that the right access is granted?
Companies should start the journey to a zero-trust security strategy to ensure easy and secure access across applications, devices and locations.
This approach helps secure access from users, end-user devices, APIs, IoT, microservices, containers, and more. The Cisco Zero Trust security framework helps companies prevent unauthorized access, contain breaches, and reduce the risk of an attacker’s lateral movement through networks.
Cisco has engineered integrated solutions to address three major pillars of Zero Trust: the workforce, workplace, and workload.
Cisco Zero Trust allows companies to:
- Consistently enforce policy-based controls. Duo Security provides zero-trust security for the workforce, securing user and device access to applications.
- Gain visibility into on-prem, cloud or hybrid environments. Tetration provides zero-trust security for workloads, securing connections between and within applications, across the multi-cloud.
- Get detailed logs, reports, and alerts that can help you better detect and respond to threats. SD-Access provides zero-trust security for the workplace, securing user and device connections across the network, including Internet of Things (IoT).
A simplified platform experience: How SecureX will strengthen security
Managing an organization’s security is complex – from keeping up with new business processes, tracking evolving threats and navigating a sprawling vendor landscape. According to Cisco’s CIO Perspectives 2020 survey of 1,300 global CIOs, the top two challenges facing CIOs are security, followed by complexity.
To address current and future security challenges, Cisco announced recently Cisco SecureX, the broadest and most integrated cloud-native cybersecurity platform, which is available globally starting June 30, 2020.
SecureX connects the breadth of Cisco’s integrated security portfolio with customers’ entire security infrastructure for a consistent and simplified experience. It unifies visibility, enables automation, and strengthens security across network, endpoints, cloud, and applications.
No matter where companies are at in their maturity journey, SecureX will accelerate growth. It does this without requiring to rip-and-replace components of the security ecosystem or invest in new technology – SecureX is built into the Cisco Security solutions companies already have. A single sign on account with authentication makes it easy and secure for users to log in while reducing backend complexity for IT.
In addition to the simplified experience SecureX brings, Cisco Security is also unveiling new enhancements and integrations to further secure the remote workforce including:
- Greater unified user and device protection through an integration between endpoint security and MFA (Multi-factor Authentication).
- Customers can use cloud email with greater confidence. Cloud Mailbox Defense for Office365 provides complete email visibility (inbound, outbound, and internal messages) with context to strengthen protection against advanced email threats such as phishing, ransomware, spoofing and spam.
The demands on securing the future of the organizations will continue to escalate. The platform approach is not a new idea. But in the face of growing complexity, the market is evolving to a new level of native integrations across a portfolio that enables better outcomes. This new approach is well positioned to solve the security conundrum and transform security from complex to cohesive.