The 2020s Require A New Approach To Data Privacy And Security
The way that most companies are physically structured and connected has changed dramatically since the Covid-19 pandemic arrived in 2020. The pandemic showed that most office-based employees can work productively from their home, and many corporate leaders have now embraced a hybrid work environment, even after the threat from Covid subsided.
Research from McKinsey published last year explored how working practices have changed, and the results are surprising. In the US, 58% of all employees now say that they can work from home at least one day a week. 35% report that they can work from home all week.
These numbers are particularly striking because McKinsey talked to thousands of employees across many different types of job and industry sector. So this is not just a survey of professional office-based workers. This covers everything, including jobs that would traditionally need an employee on-site in a factory or store.
This has dramatically changed how companies across all business sectors need to think about security. IT systems that were previously based inside an office, with physical security and strong control over network access, have been replaced by cloud systems that can be remotely accessed.
The main difference between securing a cloud network and a traditional office-based network lies in the control and management of the computing resources, the way security perimeters are defined, and how data is accessed and protected.
Here are some specific contrasts to illustrate why a more flexible work environment really does change how security must be planned and managed:
Control Over Infrastructure
In the cloud environment, the cloud service provider (CSP) controls the physical infrastructure, and customers manage the security of their applications and data within the cloud environment, often using tools provided by the CSP. In a traditional network, the organization has full control over its physical servers, storage, and network devices. Security involves protecting on-premises resources with firewalls, antivirus software, and physical security measures – security guards and controlled access to server rooms.
Security Perimeter
In a cloud environment, security perimeters are less defined because resources are accessed over the internet and often span multiple service providers. This requires a focus on identity and access management, encryption, and secure APIs. On a traditional network, the perimeters are more clearly defined, with firewalls and intrusion detection/prevention systems guarding the entry points to the network. This is even true of the physical area the network takes up – especially if no remote access is supported.
Data Access and Storage
In a cloud environment, data can be accessed from anywhere, which introduces risks associated with remote access. Data must be encrypted in transit and at rest, and access should be strictly controlled and monitored. On a traditional network, data access is usually limited to the internal network or through a VPN, with centralized data storage that an organization directly manages.
Scalability and Elasticity
Cloud networks are designed to be scalable and elastic, which means security measures must also scale and adapt quickly to changes in the computing environment. Security will often be intelligent, using AI to notice changes in user behavior. For a traditional network, scaling requires additional hardware and is often slower, but changes happen at a more controlled pace, allowing for more deliberate planning and implementation of security measures.
Threat Landscape
The greatest change of all – the threat landscape is broader, with potential vulnerabilities across a global infrastructure and the possibility of insider threats at the CSP. In a traditional network, the threats are more contained to local access points and internal users, although internet-facing services are still at risk from external attacks.
Many companies are increasing the amount of time that their employees need to spend inside the office – a naturally more controlled and secure environment. However, any support for hybrid work – even one flexible day each week – ensures that the threat landscape has fundamentally changed.
Securing a network that supports both office-based and remote workers often requires a different approach than traditional network security due to the reliance on third-party providers, the need for robust identity management, the importance of data encryption, and the dynamic nature of cloud resources.
The world of work has changed, but has your approach to security kept pace with the changing requirements? Data breaches and attacks by hackers can be very damaging – especially to your reputation. IBM estimates the average cost of clearing up a data breach today is $4.45 million. When you consider this is the cost of one single incident, it seems worthwhile to invest more seriously in security.
IBA Group has deployed security and privacy systems to over 100 clients in many different industries, and they offer cloud services – so the team has detailed experience of how to secure large and flexible networks. Click the link for examples and more information.