One of the main responses to the global outbreak of Covid-19 is social distancing – avoiding large groups of people near one another. Along with the closure of shops selling non-essential products, a major tool for social distancing has been encouraging people to work from home. According to the Office for National Statistics (ONS), 49.2 percent of employed UK adults are working from home as part of these measures.
This significant uptick in the number of people connecting remotely from dispersed locations poses a unique challenge to businesses operating with legacy IT infrastructures. Increasing network complexity and bigger attack surfaces leave enterprises more vulnerable than ever before to cyber-attacks. In 2019, analyst Gartner suggested that adopt a technology category it dubbed SASE (Secure Access Service Edge), which includes protection of DNS services and helps mitigate security risks – but is this feasible at a major scale? And what challenges do companies encounter?
The remote working revolution
Advancements in technology have enabled telework across a host of sectors, yet most companies, even technology giants, lack the digital infrastructure to enable this at a large scale. While most companies have policies, technology, and procedures in place to allow employees to work remotely, corporations, previously expected anticipate only about 15 percent of employees connecting remotely at one time.
As such, investment and deployment in VPN and VDI infrastructure is tailored and appropriate for this level, leaving many corporations vulnerable and ill-equipped to manage a new reality that requires dynamic access to network services for a larger number of employees.
The drastic shift to mass remote work therefore brings additional security risks for companies. As devices are installed outside a company's network infrastructure and connected to new networks and WLAN, the potential attack surface for cybercriminals expands exponentially.
Covid-19 has been a true litmus test for remote working. Corporations large and small have implemented solutions to help manage the changing demands of a dispersed workforce. To many, virtual private networks (VPNs) may seem like an appropriate solution. But VPNs for workforces are often only dedicated to specific employees, are cost prohibitive and complex to implement globally, resulting in insufficient capacity.
A secure solution
For corporations lacking the infrastructure, time, and liquid capital to expand access to VPNs, it has been critical (and highly cost-effective) to externalize this service, allowing for accessibility on-demand. A key component of this solution is enabled by SASE platforms. This is a set of services offered by internet service providers and telecommunications corporations, to enable NaaS (Network as a Service) which allows remote employees to connect, coupled with Network Security as a Service (NSaaS) offerings which include VPN, Firewall as a Service (FWaaS), DNS and Cloud Secure Web Gateways (SWG) to minimize vulnerabilities.
A central element of the SASE offer is a secure and high-performance DNS service which protects apps, users and data against potential DNS attacks and ensures that business operations are not impacted – especially when most employees are connecting to the network remotely. DNS should ideally be complemented by Edge GSLB (global server load balancing) distributing the load of network traffic for servers. And for service deployment automation of a telco's SASE infrastructure, DDI (DNS-DHCP-IPAM) is fundamental, bringing the velocity required to scale easily and rapidly, aligned with market demand.
Taken together, these measures ensure that company networks are running smoothly - despite increasing network complexity in the new remote work reality that will define 2020 and beyond.