As More Enterprises Turn to Cloud Applications to Support Remote Employees, Securing Access is In the Spotlight
By: Orhan Yildirim
Microsoft announced last week that demand for cloud services rose a stunning 775%, causing them to have to prioritize customers given capacity limitations, even as they raced to add more capacity in.
In a March 28 blog post, officials said that demand for its new Windows Virtual Desktop usage grew by more than three times, particularly in regions where social distancing recommendations or regulations were put into place. The company is throttling non-essential Office 365 services, responding to growth in their popular Teams real time communications and collaboration application design for virtual work, and have been understandably prioritizing health-related workloads driven by the COVID-19 pandemic.
Other cloud providers are experiencing similar surges, including companies offering Unified-Communications-as-a-Service (UCaaS) and Containers-as-a-Service (CaaS) like Google, Microsoft, Zoom, 8×8, Amazon Web Services, and IBM.
What does this mean for enterprises who have had to pivot to virtual working as the main or even only mode, immediately and for months to come? IT teams –also working virtually – have been working overtime to keep up with these fast-moving changes. These IT heroes have been named “essential workers” by governments who have categorized roles where workers may be required to report to the office, or a data center, or other physical locations to ensure critical communications networks, services and applications remain available and protected.
For those having to reconfigure accounts, to deal with VPNs or other private network types, to ensure cloud capacity and bandwidth is adequate to support these unanticipated surges, having automated security systems in place – including Privileged Access Management automated systems – is a huge plus.
Black Swan events like the completely unanticipated COVID-19 pandemic are a true test of every organization’s network and security posture, impacting remote access, business continuity and security measures, as access becomes the most demanding and important challenge to address.
In a physically controlled setting, IT teams have complete visibility into and control over network access, internal networks, data, and applications. When all workers go remote, the risks can skyrocket, including connecting through insecure WiFi access, increasing the potential exposure to unsafe content that may impact a business.
When you add in cloud services, not only can network sessions be compromised, but entire datasets and applications that live in public clouds expand the potential attack surface possibly exponentially.
And while various flavors of VPNs, Single Sign On (SSO) applications, and multi-factor authentication can be used to validate and only let authenticated and authorized users in, having a comprehensive PAM solution in place makes it easier for IT teams to secure data at rest and in motion.
Adversaries get this. They see COVID-19 as a prime opportunity to break into enterprise and government systems given these unexpected vulnerabilities, and mining data and information stored on public, private or hybrid clouds can be highly lucrative in the dark world (whether stealing sensitive and valuable information or attempting ransom).
Despite the speed with which the COVID-19 turned the world upside down, IT teams are working non-stop to ensure their organizations are protected, and are doing so with full security platforms which include SIEM tools and analytics, SSL inspection, intrusion detection and prevention, network firewalls, DDoS prevention, data leak prevention (DLP), SSL threat mitigation, application firewalls, and above all identity management.
We understand this and the importance of Privileged Access Management as key frontline defense because we are hearing from our large clients in banking, telecom, healthcare and more that they are successfully managing the transition, including the massive shift to cloud. They are maintaining infrastructure integrity, while also protecting data and applications served from the cloud and are doing so with modern PAM software that scales.
Ironsphere can stand up solutions within days, given our open architecture and unique approach, which are more easily and efficiently integrated into multi-cloud environments – more naturally adaptive and cost efficient than legacy PAM vendor solutions. We stand by to support the heroic IT teams who are making it possible for healthcare providers and other critical service providers to operate in ways that will save lives – without risking what could be devastating security breaches.
Securing Increasingly Decentralized Corporate Environments in 2021: Changes and Challenges for Access Management
It is understandable that many IT leaders are solid fans of the centralized approach to cybersecurity, arguing that it allows companies to better assess and manage their risks by being able to control every application, device and access privilege, by user.read more
The debate on centralized vs. decentralized IT has been going on for decades, and there are solid arguments for both choices. The rise of the cloud changed everything, and today “shadow IT” continues to challenge CIOs and CISOs who are charged with protecting the assets of their organizations while also not restricting the number of productivity tools available which employees and contractors continue to find and use rather than using “official” applications.read more
2020 was a year of tremendous chaos and stress on many levels and stretched the limits of IT teams who were responsible for securing corporate assets, as entire companies sent employees home to work, including those same IT teams. A new generation of IT heroes was born, and CIOs, CISOs, and IT analysts and managers stepped up to address uncommon challenges, even as cyberattacks grew to all-time highs.read more