The pandemic-induced remote work environment has introduced a broader range of security risks to agency networks, security leaders caution.
When one considers the enterprise as a whole, tens of millions of personal devices are now being used for work-related and personal tasks. And all these devices connecting to the network are outside of enterprise control and visibility, shares Brian Stites, vice president of security strategy at Red River, in a new report.
The report, produced by Red River, Stites reflects on the new normal of bring-your-own devices under current remote work conditions. In his view however, BYOD can bring greater efficiencies and user convenience to organizations, if combined with zero-trust architecture to mitigate security risks.
“BYOD is a massive untapped resource that organizations can harness to drive business creation in a safe, predictable environment, proved they ensure access controls and enforcement are in place,” he says.
Stites explains that because the premise of zero trust is to never grant access implicitly, it is designed for the BYOD.
The assumption is that one or more of the elements of the transaction is compromised, but the associated mechanisms to limit access to corporate data fundamentally change the cybersecurity operating model.
“The perimeter is now anywhere that an access control decision is made and increasingly used to where data is needed,” the report says.
Additionally, with more corporate data being generated and used at the edge, the report details how tools under the zero-trust model work to track data across on-premise, cloud and virtual infrastructure with full visibility.
That is why Red River has partnered with RSA in its own zero-trust journey, Stites says. Through RSA’s suite of solutions — threat detection and response (NetWitness), identity and access management (SecureID) and integrated risk management (Archer) — Red River has integrated core components of zero-trust security that align with NIST SP 800-207, Zero Trust Architecture.
“Fortunately, most organizations have started their journey to zero trust through existing investments in cybersecurity infrastructure. The journey involves migrating key solutions into the zero-trust environment while shedding tools and services that are either not suited for the journey or are not suited for the team. Leaders can reprogram those funds into filling the gaps in the movement to their zero-trust environment,” the report says.
Red River — a managed services provider with 25 years of experience in security, networking, analytics, collaboration, mobility and cloud solutions — is on its own path to realize its vision of zero trust within its digital transformation journey, the report says. And in that endeavor, the company can bring a unique level of expertise to government customers.
Learn more about Red River — their combination of talent, partners and products disrupt the status quo in technology and drive success for business and government.
This article was produced by FedScoop for, and sponsored by, Red River.