The world is in its second month of “social distancing” as we try to halt the spread of the novel coronavirus, and it’s no longer a global experiment in working from home—it’s our new reality.
We know that the “normal” world that we return to will be dramatically different from the one we left. But the question on everyone’s mind right now is: what exactly will be different?
Last week, I read an article in the Wall Street Journal that tried to forecast some of the changes that this pandemic is accelerating in the world of cybersecurity. In brief: it’s going to be cloudy.
“The pivot to working from home highlights the benefits of cloud-based services that can quickly scale up defenses around decentralized employees,” they wrote.
The overnight shift to near universal WFH status has challenged even the largest organizations. Everything from network infrastructure, to the devices that we use for work, to our assurances that users and corporate data remained safe and secure, has had to be re-thought on the fly.
Cybersecurity in particular quickly rose to the top of everyone’s list of concerns as bad actors took advantage of fears of COVID-19 for phishing campaigns and other cyberattacks. Many turned to VPNs in response—establishing private connections between users and the corporate network to encrypt and protect sensitive data.
But, as we’ve noted before, VPNs are only a partial solution. VPNs can only provide security when they are used to connect directly to a company’s internal network.
These days, more and more companies are using cloud-based applications like Office365, Google Cloud, and SFDC to get work done from home. And since many users are accessing these applications via the wider internet—and not through a VPN connected to the corporate network—they remain vulnerable to these cyber threats. Furthermore, VPNs rely on existing on-premises security infrastructure, which can be difficult to scale up and may not work as well with large numbers of remote workers.
As the Wall Street Journal article indicates, and we at Infoblox believe, “short-term spending to keep workforces up and running will likely veer toward the cloud as the economy recovers and executives plan for a more remote-friendly future.”
Cloud-based security services make it easy to scale and add new users and devices, and aren’t reliant on physical infrastructure to keep users safe. In fact, they can often be deployed without any new physical infrastructure at all.
Since some 90% of malware uses DNS in some way, using a DNS security solution that can detect malware and other cyber threats is one of the best and most cost-effective ways that companies can secure a large and distributed workforce.
At Infoblox, we recommend that organizations secure their employees and enterprise assets with cloud-based DNS security solutions like BloxOne™ Threat Defense, that can provide a ubiquitous layer of security for teleworking employees, no matter where they set up their remote offices.