
With 99% of companies going hybrid post-pandemic, concerns about endpoint security and data integrity are on the rise. Companies are also moving back to Bring Your Own Device (BYOD) instead of corporate-owned equipment, both in the office and at employees' homes. To accommodate these new work environments, a fundamental change in corporate security architecture is on the horizon.
Hybrid workplaces are here to stay
Teradici today announced results from its first annual Corporate Cybersecurity Report – Securing the Hybrid Workplace in 2022 and Beyond. The survey, which polled more than 8,000 respondents across a range of industries, found that hybrid workplaces are the new norm, with 99% of respondents reporting that their workforces will split time between the office and remote settings post-pandemic. The survey also found that concerns about endpoint security and data integrity are skyrocketing as Bring Your Own Device (BYOD) makes a comeback and employees commute with their devices.
“The pandemic has caused a fundamental shift in how people work, and the ‘office’ will never be the same. As a result of the enormous security concerns associated with unmanaged devices, as well as BYOD, organizations are changing how they think about securing their corporate assets. Expect to see companies move away from traditional VPNs to Zero Trust architectures to shore up their endpoints and protect their data.”
The survey says…
According to the survey:
- Hybrid work is here for the long term: Virtually all respondents (99%) reported their companies will have a hybrid workforce, and nearly 40% expect half of their workforce to operate remotely at least twice a week post-pandemic.
- Even with fewer commuting days, workers’ treks are a security concern: The survey showed that 53% of respondents plan to enable employees to commute with endpoint devices, and this is a hot-button concern for IT.
- Security concerns have risen: Nearly all respondents (98%) are concerned about security and/or data integrity as a result of employees commuting with endpoint devices.
- BYOD is back: Of survey respondents, 90% say their companies are using a mix of employee- and corporate-owned devices; only 10% are predominantly using corporate-owned devices.
Here come Zero Trust architectures
To combat security concerns, organizations will move to remote access and Zero Trust architectures. Companies have largely relied on VPNs for employees to connect remotely, as many organizations have not yet completed their migration to the cloud. As hybrid work becomes the norm over the long term, remote desktop technologies with Zero Trust architectures will replace VPNs in an effort to better protect corporate networks. On top of this, IT will need to enhance the security awareness of employees to prevent human leaks and breaches.
Zero Trust eliminates the concept of implicit trust from the network architecture. It is a security framework requiring all employees, regardless of their endpoint location, to be authenticated, authorized, and continuously validated before being granted or keeping access to applications and data. Zero Trust assumes that there is no traditional network edge: networks can be local, in the cloud, or a hybrid of both, with resources and workers in any location.
Executing this framework combines technologies such as risk-based multi-factor authentication, identity protection, next-generation endpoint security, and robust cloud workload protection to verify a user's or system's identity.
How to implement Zero Trust architecture in a network
Implementing Zero Trust architecture requires that you first define the “protect surface”, which encompasses the critical data, applications, assets and services—DAAS—most valuable for your company to protect. Once it is defined, you move your controls as close as possible to that protect surface.
Next, transaction flows are mapped. The way traffic moves through the network impacts how it should be protected.
Once transactions are mapped, a Zero Trust network can be architected. This, of course, is constructed around the protect surface and begins with a “next-generation firewall” that acts as a gateway or microperimeter around the protect surface.
Once the network is architected, a Zero Trust policy is implemented to whitelist which resources should have access to others. The method used to create this policy definition is called the Kipling Method and consists of the following:
- Who should be accessing a resource?
- What application is being used to access a resource inside the protect surface?
- When is the resource being accessed?
- Where is the packet destination?
- Why is this packet trying to access this resource within the protect surface?
- How is the packet accessing the protect surface via a specific application?
Finally, the network is carefully monitored at all levels. Monitoring reveals new ways to improve the network's security over time.
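The five steps above, reduced to a small default-deny policy engine, as an added example that is not part of the original article or of any Teradici product: each allow-list rule answers the six Kipling questions for a constructed protect surface (a hypothetical "payroll-db" asset), identity must be validated before a rule is even consulted, and every decision is appended to an audit log for the monitoring step.

```python
from dataclasses import dataclass

# Constructed sample protect surface: the one asset this microperimeter guards.
PROTECT_SURFACE = {"payroll-db"}  # hypothetical asset name

@dataclass(frozen=True)
class KiplingRule:
    """One allow-list entry answering the six Kipling questions."""
    who: str     # identity or role allowed to access the resource
    what: str    # application that must be used to reach it
    when: tuple  # (start_hour, end_hour) window, end exclusive, 24h clock
    where: str   # destination resource inside the protect surface
    why: str     # business justification recorded with the rule
    how: str     # protocol/port the application must use

@dataclass(frozen=True)
class Request:
    who: str
    what: str
    hour: int           # hour of day at which access is attempted
    where: str
    how: str
    mfa_verified: bool  # identity validated by risk-based MFA before the request

# Constructed rules for the sample protect surface.
RULES = [
    KiplingRule("role:payroll-clerk", "hr-portal", (8, 18), "payroll-db",
                "monthly payroll processing", "https/443"),
    KiplingRule("role:dba", "db-admin-console", (0, 24), "payroll-db",
                "database maintenance", "tls/5432"),
]
AUDIT_LOG = []  # every decision is recorded for the monitoring step

def evaluate(req, rules=RULES):
    """Default-deny check: allow only if identity is validated and every
    Kipling field matches one rule. Returns (allowed, reason)."""
    if req.where not in PROTECT_SURFACE:
        decision = (False, "resource is not in the protect surface")
    elif not req.mfa_verified:
        decision = (False, "identity not validated")
    else:
        decision = (False, "no allow-list rule matched")
        for r in rules:
            if (r.who == req.who and r.what == req.what and r.where == req.where
                    and r.how == req.how and r.when[0] <= req.hour < r.when[1]):
                decision = (True, f"allowed by rule: {r.why}")
                break
    AUDIT_LOG.append((req, decision))
    return decision
```

Anything the rules do not explicitly describe (wrong application, out-of-hours access, a resource outside the protect surface, or an unvalidated identity) is denied, and the log entries are what the monitoring step reviews to refine the rule set.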