images
figures
Blog

Why Remote Workforce and Legacy Security Architectures Don’t Mix

Admin Globaldots
30.03.2021
image 3 Min read
SD-WAN and SASE

Make no mistake about it, work-from-home (WFH) and the remote workforce aren’t going away any time soon. Only 7%of respondents indicated that everyone will move back to the office. More than half (80%) indicated their companies will continue with a remote workforce in whole or in part.

With users working remotely, IT organizations still need the same level of security controls and visibility. But delivering those capabilities can’t be done by compromising application performance. And that’s a problem for legacy security architectures as they add latency, crippling application performance, and lack the optimization techniques for improving the remote experience.

It’s no surprise then that boosting remote access performance was the most popular primary focus for IT leaders over the next 12 months (47% of respondents). At the same time, when asked to cite the primary security challenges facing their IT organizations, 58% of respondents pointed to “enforcing corporate security policies on remote users” making it second to only “Defending against emerging threats like malware/ransomware” (66% of respondents).

But the problems of securing the remote workforce don’t stand on their own. They’re compounded by all of the legacy security challenges facing IT teams. More than half (57% of respondents) indicated that they lacked sufficient time and resources to implement security best practices. And those best practices can be as mundane as patching software and systems shortly after vendors release patches (32% of respondents).

Astounding. In the 21st century with networks that have seen throughput jump ten thousand-fold over the past 30 years and we still have patching problems?

IT managers shouldn’t blame themselves, though. It’s clear where the problem lies — in the architecture. As Cato security engineer, Peter Lee, noted in this blog when documenting the vulnerability and subsequent patches issued for VPN servers:

“Patching has become so common that we just assume that’s the way it has to be. “Patch Tuesday” has us expecting fixes to problems every week. In reality, patching is an artifact of the way all appliances are built. If we eliminate the appliance architecture, we can eliminate the overhead and risk of patches.”

Eliminating appliances will not only eliminate patching problems, it will also eliminate the performance and visibility challenges introduced by legacy security architectures. Of course, this assumes enterprises can replace legacy security architectures with an approach that will:

  • Simplify today’s security stack
  • Eliminate the patching headaches
  • Deliver secure access everywhere, at scale, without compromising performance
  • Give visibility and control into all traffics flows

What architecture will do that? According to respondents — SASE.

More than 91% of respondents expect SASE to simplify management and security. Of those who’ve already adopted SASE, 86% of respondents experienced increased security, 70% indicated time savings in management and maintenance, 55% indicated overall cost saving and greater agility, 36% saw fewer complaints from remote users, and 36% realized all these benefits. No wonder that more than half of the respondents indicated that SASE would be very or extremely important to their business post COVID-19.

Originally published in https://www.catonetworks.com/blog/why-remote-workforce-and-legacy-security-architectures-dont-mix/.

Comments

0 comments

There’s more to see

slider item
SD-WAN and SASE
MPLS Upgrade for the Modern Enterprise
Admin Globaldots

Modern enterprises now have alternatives to MPLS that are more flexible and just as reliable for building a WAN.

Read more
slider item
SD-WAN and SASE
SD-WAN or SASE: The Power is in the Platform
Admin Globaldots

The Secure Access Service Edge (SASE) is a comprehensive platform that blends SD-WAN with security and remote access many other capabilities to meet whatever challenges you face today and, tomorrow.

Read more
slider item
Supply-Chain Data Protection
RCE in Cdnjs and What It Means to You
Dror Arie 19.07.21

Last week, a researcher named RyotaK shared a clever supply chain vulnerability in Cloudflare’s highly popular hosted module called cdnjs, which runs on around 12% of all sites on the web. The module helps developers consume other popular packages and integrate them safely into their sites.  The vulnerability was in the cdnjs library update server […]

Read more

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Contact us
figure figure figure figure figure

Don’t Fortify. Amplify – Your Cloud Security Stack, Redefined.