Given that Work-From-Home (WFH) is will not be disappearing any time soon, business executives and IT executives must rethink their networking topologies with consideration towards data management and privacy, identity, and security. It is quite possible that many employees and companies will become so accustomed to flexible office hours, options and tools that networking and security procedures will never revert to their former state. Thus, since WFH, or a mixed model for working flexibly from office or home, is likely to persist for some time, network topologies must adapt to the New Normal.
Seven months into the COVID-19 pandemic and the rapid move for employees to work from home (WFH), the impact on networking, data management and security is becoming clear. A real time poll of a set of senior IT executives who participated in one of the RFG 100 video conferences showed several top takeaways:
- Nearly 80% said some networking modifications are needed.
- More than 60% said their organization is including modernization projects in the implementation of their WFH/office transition.
- Nearly 90% said they think that compliance, privacy and security risks are higher in the WFH/office environment and must be addressed soon.
Overview: The Scramble Settles Down
Some IT managers are re-thinking how they will implement security, identity and data privacy in a WFH/office world. They realize that many aspects of the current WFH situation are quickly becoming permanent, or semi-permanent. As a result, they must decide which networking technologies they will keep – and which technologies must go.
The initial scramble to move employees to WFH was mostly about supporting them with VPN (Virtual Private Network) connections and a familiar, secure desktop via VDI (Virtual Desktop Interface). Many companies achieved a working model for VPN/VDI deployment within weeks. Now is the time to refine the initial changes made during the rush to support WFH and choose which ones will stay and which ones will go.
Identity Is the New Perimeter
The COVID-19 era has turned traditional ideas about network security upside down. Historically, there was a network “perimeter” around the well-protected enterprise data center. The location of the “center,” the “perimeter,” and the “edge” has changed in recent years, with the migration to hybrid cloud and multi-cloud deployments.
When the cloud era began, the old notions about the corporate network morphed into a new topology that included enterprise data centers and the hybrid cloud (connecting data centers with the public cloud). Then came the hybrid multi-cloud, with multiple clouds supporting applications and data that have migrated outwards from the data center.
Yet even in the age of COVID-19, people move to multiple locations: office, home and other places. Thus, the innate assumption that anyone inside the corporate network is trusted is no longer an operable one. That has been proven by security breaches in which outsiders access corporate networks by using employee credentials in a cybersecurity attack. These incidents are prompting many network managers to reassess older notions of network security and to look to identity and multi-factor authentication (MFA) to assure safer access to applications and data.
Given the WFH experience, some CIOs and IT managers are now concluding that identity – not location – must be the new recognition determinant. Identity travels with the person, regardless of location or device. The challenge, then, is to adopt a generation of security policies to adapt to these MFA requirements that are independent of physical location or device.
In Part II, we’ll discuss practical considerations in WFH and hybrid WFH setups.