Overcoming Today’s Business and IT Risks with a Modern Approach to Security
Nobody can blame all the security challenges facing companies today on the pandemic, but it’s certainly accelerated the need to address those challenges. It was always essential for companies to provide employees secure access to applications and other resources. But when COVID-19 hit, that need grew exponentially as many companies shifted to having many employees working from home. Securing so many new, widely dispersed endpoints became more difficult than ever.
As the world emerges from the pandemic, several forces stand out as companies look to continue securing their systems, applications and data. What’s needed is an approach to security that takes a proactive stance, reduces the risk of attacks and breaches, and speeds up breach mitigation efforts.
While other forces increase issues around security, the five top ones include:
- The hybrid workspace. Many organizations now let employees decide how often they work in the office versus at home or wherever they choose. All those dispersed laptops, desktops and other endpoints can be difficult to manage.
- Zero-trust strategy. With a work-from-anywhere workforce, many organizations require every device and application to include multi-factor authentication. Implementing this “trust nobody until verified” strategy is time- and resource-intensive.
- Ransomware attacks. The surge of ransomware attacks is an opportunistic effect of the pandemic and more people working from home. The far-reaching impacts of such attacks raise big concerns for companies and their customers.
- Supply chain reduction. Every organization is only as strong as its supply chain. Reducing the number of solutions and vendors involved in it reduces complexity from dependencies and connections, as well as the number of solutions to manage for security.
- Security operations center (SOC) burnout. Security operations teams are almost always under-resourced. The rise in attacks and breaches exacerbates this issue. They’re doing more, but with legacy tools that lack features like automation that help them get ahead. Burnout and a talent shortage make it hard to field full security operations teams.
The good news is that VMware solutions can address these forces by building in security from end to end. This provides a tremendous opportunity for partners, particularly managed services providers (MSPs) and managed security service providers (MSSPs), to use VMware solutions to provide their customers security as a service.
Ready-Made for a Work-from-Home World
VMware Workspace ONE, an endpoint and application management framework, is the solution to support a remote workforce. In early 2020, VMware effortlessly shifted its own employees to working from home and quickly met the deluge of requests for customers doing the same. VMware Carbon Black offered an extra layer of security on top of Workspace ONE. Integrating these two VMware solutions made it easy to deploy Workspace ONE to any employee or contractor so that they could more securely access the applications they needed—all over a public network.
Support for a Zero-Trust Strategy
A zero-trust approach assumes that every attempt to access systems and applications could be an attack, so it requires multi-factor authentication for all end users. For example Workspace ONE requires two-factor authentication for users to access corporate applications.
While these access requirements are great for security, manually authenticating adds a barrier to employee productivity. A hallmark of the VMware story of innovation is its focus on automating processes to simplify the end user experience and reduce human error. For example, VMware embedded its Identity Management module into the log-on process of Workspace ONE, automating RSA token code entry for users. It’s far easier for the user, but supplies the same two-factor authentication. Another example: When Carbon Black Workload is added to VMware vSphere, the VMware vCenter management software automatically pushes it out to workloads.
Shoring up Defenses against Ransomware
Ransomware is on the rise, as is the time an attacker sits inside the network searching for higher-value assets to hold hostage. Many companies fear becoming a ransomware victim. VMware was one of the first vendors to launch a program to combat such incidents, the VMware Carbon Black Incident Response Partner Program. This program trains partners on using VMware solutions to quickly remediate breaches. Since its inception, the number of partners joining and completing the program requirements has grown dramatically, and the number of breaches they’ve resolved has tripled year over year.
Cyber insurers recognize the program’s impact and recommend its partners to customers who file a claim for a breach. Many cyber insurers require certain standards of security in customer environments before insuring them, which opens services opportunities to partners who can conduct compliance, auditing and stress testing upfront to proactively protect customers. Click Page 2 to continue reading…
- Page 1
- Page 2