Balancing Network Security With Employee Experience In The Age Of Hybrid Working

The past three years have driven a mindset shift around how work can be done. Despite the gradual return to the office for many, we are still in the midst of a remote working revolution. In fact, Gartner predicts that by the end of 2023, 39 per cent of workers will be hybrid – up from 37 per cent in 2022. The Indian corporates are opting for a blend of in-person and remote work; hence, the future of work is hybrid and here to stay in India. However, there is growing concern amongst employers that this new way of working is not optimising their employees’ time and talents. In its Work Trend Index 2022, Microsoft reported that 85 per cent of leaders said that the shift to hybrid work has made it challenging to optimize employee productivity. 

With the offer of flexible working becoming an important battle ground for attracting and retaining talent, businesses need to balance employee expectations with their own expectations around productivity. This means ensuring their infrastructure is providing employees with a seamless experience wherever they choose to log on, while also addressing any roadblocks that stand in the way of allowing more to be done in less time. 

But these apprehensions are being compounded by a sense that an employee working remotely introduces new paths for security breaches. This is because dispersed locations and distance workers open businesses up to a number of security risks relating to where, when, and how employees choose to access IT resources. In response to these new demands for flexibility and accessibility, network architectures, which incorporate everything from data centres to the cloud and the emerging edge, need to take a different approach to cyber security. 

Here are three ways that businesses can make sure their networks deliver protection in an unobtrusive way – increasing productivity by removing traditional security roadblocks while facilitating ubiquitous IT access. 

Taking An Edge-To-Cloud Approach With Advanced SD-WAN 

In the age of hybrid working, enterprise networks are evolving. Once upon a time, they used to be built from the data centre out, aligning with strong perimeters and ensuring that once a user was connected inside that perimeter, applications and user data were protected within it. Of course, when organisations hosted most business applications in their own data centres, this model of centralised security control points was acceptable. Now, as more and more applications have moved into the cloud, there is the opportunity to reduce latency with a distributed security model.

With users and applications everywhere in 2023, businesses can extend their in-office security controls to accommodate the new cloud environment. By deploying an advanced SD-WAN along with SSE (Secure Security Edge) security solutions, IT can enhance end-user quality of experience by automatically steering traffic to the internet based on a business’s specific objectives while ensuring that those transactions are subject to the same security policies that they would encounter in the office. In practice, this means that, for example, end user traffic that originates at home can be sent to a cloud-delivered security service to ensure that access policies are enforced while employees can still enjoy seamless connectivity without unnecessary overhead. The end result – greatly improved network performance that increases productivity. 

Implementing Zero Trust And SASE Security Solutions

Security teams know that their strategies and solutions must keep pace with the realities of hybrid work, but a piecemeal approach will likely not reach the desired goal of a defining and implementing unified security policies.

There are number of frameworks that can guide security strategies and investment, with two complementary approaches being Zero Trust and SASE (Secure Access Service Edge). The key principle of Zero Trust is “trust nothing” – based on the concept that trust is independent of how you connect to IT assets. It requires any user or device (including IoT) to be authenticated and assigned an access policy that governs where they can go and what applications and data can be accessed.

SASE then extends this framework by enforcing Zero Trust principles even if the user never enters the corporate network by connecting via the Internet to cloud-based applications. Whether an employee is in the office, or connecting through their personal iPhone via a café’s public WiFi – they can ensure their connection is safe. Here, utilising Zero Trust and SASE Security models is the only way to effectively streamline security operations while accommodating the “work anywhere” principles of hybrid work. 

Enhancing Visibility With A Unified Network And Single-Pane-Of-Glass Controls  

Finally, good security also relies on controls that can be applied universally to wired, wireless and WAN connectivity, with a single point of visibility and control. 

The tendency for workers to disperse across home offices and cafes has meant that connectivity stretches from the edge to the cloud, resulting in IT teams having to deal with a wider range of devices to monitor – broadening blind spots that can lead to compromise. Without common security policies and a single point of visibility and control, operators are pushed to manually collate data from various disjointed tools. And fear of this has led some to try and lock down employees instead. 

Going forward, businesses must look towards technologies that can address fragmented network operations while applying a consistent set of Zero Trust and SASE policies. Deploying a unified infrastructure, one that can be centrally managed via a cloud-native single point of control, can give businesses stronger supervision over their networks and increased protection. By reassuring businesses, they have complete control of network security, visibility can be seen as key to employee freedom.  

The Path Forward 

As remote networks grow in size, more valuable data is collected, and the threat level to enterprises is only going to grow. It is imperative that businesses become more aware of the security risks, being one of the major roadblock for companies utilising hybrid working. Striking the balance between a flexible but secure network and IT access will allow businesses to provide their employees with the freedom, flexibility and accessibility they now seek, without compromising on security. This also means that building technical security infrastructure and fostering a culture of security awareness is an essential part of business strategy for everybody going forward.