The Future of Network Security: Identity, Segmentation & Securing the Edge

Originally posted on The Jerusalem Post

What it takes to properly secure corporate networks in the world of remote work, BYOD & IoT

The workplace has changed thanks to COVID-19. Many of us continue to spend most, if not all, of our workdays at home, juggling Zoom meetings, kids, pets, relationships, cooking, cleaning…you name it. Since at least February 2020, organizations around the world have altered the way they operate – encouraging their employees to stay home, stay safe, but stay available.

On top of the immediate operational challenges that companies faced when shifting to full or hybrid work environments, the rise of remote work in response to COVID-19 has pushed a number of network security shortcomings to the surface. In response, cybersecurity vendors and IT professionals have accelerated the development of and search for solutions to fill these network security gaps.

As we return to the office and arrive in a post-COVID-19 world, these areas will dominate the evolutionary direction of corporate network security…

The Role of Identity

As people, we represent the weakest link in the network security armor. While we may wish we were infallible, we’re really full of bad cybersecurity habits, like weak passwords, forgetting to back up data, or clicking on hyperlinks in emails from strangers. Our identities, however, can also be our strongest means of securing networks. The rise of multi-factor authentication (MFA) identity and access management (IAM) tools is allowing organizations to verify employee identity and authenticate their access to the network in real-time, no matter the employee’s location or whether they’re attempting to connect with a managed or personal (BYOD) device.

Network Segmentation

Segmenting the network is a cybersecurity best practice. Period. For any companies, this practice is even a regulatory requirement (e.g., the Payment Card Industry data security standard (PCI)). Network segmentation is simply a means of dividing up a network into smaller parts, ensuring the right people only have access to the parts of the network that are relevant to them. It is a measure that improves the effectiveness of an organization’s investments in other security tools, and can help to prevent significant damage to critical data across the network after a company has experienced a breach.

Securing the Edge

Gartner introduced SASE a few years ago. It represents a new enterprise networking technology category that converges the functions of network and security solutions into a single, unified cloud service. This marks an architectural transformation, as it allows IT teams to leverage a holistic and flexible service to their businesses. Critical to this budding area is NAC. Specifically, the movement of NAC to the cloud eliminates expensive on-site hardware and hidden maintenance costs. With cloud NAC, like Portnox CLEAR, all that’s needed to control network access across a geographically dispersed network is an internet connection.