Wednesday, 12 August 2020 16:50

COVID-19 provides ‘wake up’ call for governments on remote IT security

By Budd Illic, Zscaler
Budd Illic ANZ Country Manager, Zscaler Budd Illic ANZ Country Manager, Zscaler

GUEST OPINION by Budd Ilic, ANZ Country Manager, Zscaler:  Implemented with little warning amid the viral pandemic, remote working is likely to remain a fixture within government departments and agencies in the months and years ahead. The problem is that many are alarmingly underprepared for the change.

Across all levels of government, traditional practices have required staff to travel to an office to complete their daily work tasks. With most starting and ending at the same time, peak-hour crushes in lifts and on public transport are a normal feature of the workday.

Fast forward just a couple of months and the world has changed dramatically. The vast majority of public-sector staff are continuing to work from home with only frontline and customer service teams reverting to office life. Even when current lockdown rules are relaxed, many staff will continue to remain at home.

Security challenges

This seismic shift in work practices poses significant challenges when it comes to IT security. Staff still need to access core applications and data stores but, rather than using the office network they must do so remotely over the public internet.

In the pre-COVID workplace, IT security was typically provided through the deployment of a firewall and other security technologies. Everything within this digital perimeter was then deemed to be
secure and staff could freely access the resources they required.

Now, things are very different. A staff member is just as likely to be working from a home office, potentially using a private personal computer or mobile device. Access will often be via an in-home Wi-Fi network and a retail internet connection.

When only a relatively small proportion of department or agency staff were working remotely, this challenge was overcome through the use of virtual private networks (VPNs). VPNs create a secure and encrypted link from the user’s home-based device into the department’s data centre and network. The worker can then be treated in the same way as they would be when based in the office.

However, traditional VPNs have numerous limitations which are exacerbated when remote worker numbers explode. Departments are forced to increase VPN capacity in their data centres or find an alternative approach. In order to facilitate the significant increase in numbers some have turned to VPN concentrators located in disaster recovery facilities. While these were supposed to be kept in reserve for when disruption hit the main data centre, they’re now being put to work to support home-based staff.

Other departments have rushed to purchase and deploy new VPN concentrators. While this can be done, it requires additional capital expenditure . The hardware typically takes months to ship, requires sometimes weeks to set up, is constrained by capacity limits and creates a poor experience that impacts user productivity. VPNs force traffic to be backhauled through a datacentre just to get access to the Internet, SaaS applications or public cloud applications, leading to unwanted latency. Not to mention, this forces IT to invest in expensive, short-term, fixes that lead to purchasing outdated infrastructure that may never result in a return on investment once COVID-19 is over.

The challenge becomes even more acute when staff are expected to use cloud-based resources such as Microsoft Office 365 and Teams. With VPN security in place, traffic from a home office must be transmitted firstly to the central data centre and then out to the Microsoft cloud. Returning data must come back via a similar path.

The result is often significant decreases in performance when compared with the usual in-office experience. Slow response times and issues with availability have a big impact on productivity which leads to rises in user frustration.

The benefits of a ‘zero trust’ approach

A better approach for government departments and agencies is to adopt a security strategy dubbed ‘zero trust’. The zero trust architecture shifts security functions to focus on protecting the user/device in any location, rather than securing a network perimeter that is eroding away. This ensures that users get secure, fast, and optimized connections, no matter where they are connecting from or device they are using.

Once all the components of an IT infrastructure have been secured, the perimeter becomes meaningless. Users can access cloud services directly and enjoy the same high levels of performance from data centre-based applications and stores.

Unfortunately, industry research shows that less than 10 per cent of public-sector departments and agencies have so far embraced zero trust. However, with working patterns now irrevocably changed, this number is expected to increase quickly.

Taking the time today to investigate this strategy and how it can add value to workers in your department or agency will pay big dividends in the future. It’s time to begin your journey to zero trust now.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments