In the age of cloud resources and remote work, you need more than the traditional perimeter security model to keep your users, resource access, and devices secure. In a recent webinar, we explored the COVID-19 pandemic and how it accelerated ongoing changes in the IT industry — as well as new security models IT administrators can put in place to keep their organizations secure in the work-from-home era. Watch the full webinar here, or keep reading for the highlights.
JumpCloud’s own Cassa Niedringhaus sat down with panelists Stephen O’Grady, industry analyst and co-founder of RedMonk, and Gary Reiner, Operating Partner at General Atlantic and former CIO of General Electric, to get a better sense of how admins are coping with pandemic-induced changes and how they can position their organizations well for the future.
Major Changes Caused by COVID-19
Both Stephen and Gary agreed that the implications of remote work aren’t just technological. This shift in how many of us work also involves heavy cultural and process changes that IT organizations must take into account as they plan for the future.
One point our panelists discussed is the disparities in how the remote shift has affected different industries. Tech workers have been able to go remote, perhaps with some modifications, but are largely doing the same or even more work than before. On the other hand, in-person businesses like travel and dining have suffered massively.
We bring this up because it will affect how admins support their organizations. Organizations that can easily translate their work to remote life might even see productivity benefits. People are generally home and able to jump on calls together, when they may have otherwise been traveling, visiting clients, or on any other “normal” trip. This increase in output and productivity has created a desire to be the last to go back into the office, because some individuals are better able to do the work they need to, all while staying safe.
Gary points out that this influences how IT can support organizations, because they should expect the remote style — or a hybrid model with a mix of in-office and remote work, at least — to continue into the future.
COVID-19 Reveals IT Vulnerabilities
What defines a secure environment has changed massively over the last two decades with the popularization of SaaS and cloud infrastructure.
COVID’s influence and the increase of remote work has not been out of the norm for such IT trends, but the rapid change has certainly thrown gas on this fire. This adjustment has been a forcing function to make organizations rethink how they approach security. It also has revealed risks that traditional IT environments pose in this remote world.
Here are some of the main risks for a traditional on-premises IT setup:
- Perimeter security can’t contain remote users and resources
- Remote users tunneling into the internal network increases risk
- Sysadmins forced to maintain on-prem infrastructure
With the rise of remote setups, organizations need innovative architectures to support their distributed teams — architectures that also ensure business continuity in the face of change.
Perimeter Security vs. Domainless Security
A central tension in these traditional IT setups is the focus on perimeter security, especially as more users and resources exist outside the perimeter. Organizations need new models that allow them to secure their users and resources no matter where they’re located.
In the domainless enterprise, a cloud directory platform serves at the core. Admins can use a cloud directory service to manage and secure users, resources access, and devices from anywhere.
A cloud directory platform secures each transaction in an environment by verifying that a user is who they say they are, they’re accessing resources from a secure device and networks, and they have authorization to access those resources — all controlled from the cloud. A cloud directory platform also enables admins to secure access points with controls like multi-factor authentication (MFA).
So how do you replace perimeter security and shift your model? Read Part 2 to find out.