Zero-trust security, zero stress

How to manage security and flexible working

Here’s why a zero-trust approach is the right answer to the new vulnerabilities faced by today’s mobile workforce.

For good or for ill, working away from the office is here to stay. But its implementation was hasty and not without consequences.

One of these is that 47% of companies have seen an increase in cyberattacks since the work-from-home shift. More troubling still is that, for cyberattackers, big business is not the only target. In fact, one Hiscox report found that a small business in the UK is successfully hacked every 19 seconds.

Indeed, in the wake of the COVID-19 pandemic, cyber criminals have only become more prolific. Part of the reason for the growth of this threat is remote work. In the UK, vacancies that allowed for remote work tripled in 2020 and more than half of Londoners now work at home.

And the nature of cyberthreats is changing, too.

It’s likely that your IT department, for example, never expected the coffee machine to deliver ransomware – plus a ransom note. But that’s exactly what happened when Martin Hron, a researcher at the security firm Avast, reverse engineered a £200 coffee maker to reveal just how insecure smart devices can be.

As the workforce of many companies is increasingly becoming mobile, devices used on-the-go can connect to any server – leaving the entire IT network vulnerable. And so working remotely has exposed British businesses to an entirely new threat landscape.

With some devices having little to no security in place, cyberattacks are less challenging for criminals. The urgency to protect networks from these vulnerabilities and prevent mobile malware propagation has become essential, with organisations investing in devices with zero-trust security.

What is zero-trust security?

The best way to view the post-pandemic world of online security is to look at it through a zero-trust lens, a way of viewing security, by which the programme assumes your data has already been compromised. By operating under this assumption, the onus to prove who you are always falls back to you.

If you’ve ever used 2-step verification, then you’re familiar with the basics of the zero-trust approach, which allows for a remote workforce to securely connect to any business from anywhere. Each time a user attempts to access company resources, he or she needs to verify their identity in some way, such as acknowledging the login on a mobile device. This verification control empowers the IT department to grant varying levels of access depending on the conditions of entry.

This is the default mode in zero-trust security: access to applications and services is strictly conditional. The burden of proof is on the user to confirm their identity. This process also picks up other useful information for cybersecurity, such as the state of a device, its location, and the time of day.

This improved visibility throughout the network makes it easier to spot – and stop – breaches brought by malware. And, according to a Forrester report, by ceasing the exfiltration of data into the hands of malicious actors, the zero-trust method also reduces security expenses.

These facts explain why 3 in 5 business leaders say that their zero-trust security approach has enabled better digital transformation.

Defence-grade security for on-the-go protection

The IT department had an easier job defending the devices in its charge when all of them were in the same building. But now that the workforce has left the relative security within the walls of the office, business leaders need a new approach to manage the present risk.

Investing in mobile technology that has zero-trust principles built-in is an essential tool for preserving critical data and business processes. Working with any device and browser, the security model stops mobile malware propagation, making it a must-have for moving workforces.

Focusing on a few basic security strategies, such as employing biometric authentication, zero trust, and secure hardware and software, can help your company protect important applications.

With these in place, cybercriminals are faced with more barriers, and so your business is well protected.

Sponsored content from Samsung