cerrar
cerrar
Su red del mañana
Su red del mañana
Planifique su camino hacia una red más rápida, más segura y más resistente diseñada para las aplicaciones y los usuarios a los que da soporte.
          Descubra Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            Líder en SSE. Ahora es líder en SASE de un solo proveedor.
            Líder en SSE. Ahora es líder en SASE de un solo proveedor.
            Netskope debuta como Líder en el Cuadrante Mágico™ de Gartner® para Single-Vendor SASE
              Protección de la IA generativa para principiantes
              Protección de la IA generativa para principiantes
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Prevención moderna de pérdida de datos (DLP) para Dummies
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Libro SD-WAN moderno para principiantes de SASE
                  Modern SD-WAN for SASE Dummies
                  Deje de ponerse al día con su arquitectura de red
                    Entendiendo dónde está el riesgo
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        Los 6 casos de uso más convincentes para el reemplazo completo de VPN heredada
                        Los 6 casos de uso más convincentes para el reemplazo completo de VPN heredada
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
                          Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
                            Netskope GovCloud
                            Netskope logra la alta autorización FedRAMP
                            Elija Netskope GovCloud para acelerar la transformación de su agencia.
                              Let's Do Great Things Together
                              La estrategia de venta centrada en el partner de Netskope permite a nuestros canales maximizar su expansión y rentabilidad y, al mismo tiempo, transformar la seguridad de su empresa.
                                Soluciones Netskope
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Soporte técnico Netskope
                                  Soporte técnico Netskope
                                  Nuestros ingenieros de soporte cualificados ubicados en todo el mundo y con distintos ámbitos de conocimiento sobre seguridad en la nube, redes, virtualización, entrega de contenidos y desarrollo de software, garantizan una asistencia técnica de calidad en todo momento
                                    Vídeo de Netskope
                                    Netskope Training
                                    La formación de Netskope le ayudará a convertirse en un experto en seguridad en la nube. Estamos aquí para ayudarle a proteger su proceso de transformación digital y aprovechar al máximo sus aplicaciones cloud, web y privadas.

                                      Securing “The New Normal,” or What to Do Now That Everyone is a Remote Worker

                                      Apr 30 2020

                                      If we had a dollar for every blog post that started with “we are living in unprecedented times” in the last month, we’d be sipping mai tais … in our living rooms. But it certainly is true and I don’t mean to make light of the extreme situation we’re all in right now. Case in point, recent reports from Netskope, and the industry at large, show that more enterprises are moving their workforces to remote, resorting to cloud adoption at a breakneck pace and certainly faster than any projections I’ve seen in recent years from industry leaders or analysts.

                                      For businesses, these changes can be categorized into how services are being consumed and how they are being delivered. We’re seeing leaders work hard to understand how they deliver value to customers who are no longer able to come through the door. As a result, they’re finding ways to pivot their business to online storefronts, curbside pickup, and delivery. All of this taken together is digital transformation in action, but with that also comes new threats and security transformation.

                                      All of this flux and forced mobility as the result of the COVID-19 pandemic, means that security teams are evolving and transforming very rapidly while also trying to understand what a “new normal” could look like for their business. I’ve had a chance to talk with a number of CISOs over the last month, and here are some of the key takeaways from those conversations and some guidance for how CISO’s and security teams should be adapting their strategies:

                                      1. Breathe, get your footing, circle the team

                                      Unless you were Nostradamus last year and said “We’re going to move everything to the cloud and be able to support a 100% remote workforce by March 2020,” you’re now in the process of rethinking everything or having to accelerate your plans. Everything you thought you were going to be doing this year just got turned on its side and there’s nothing you can do about that. The first thing CISOs are telling me is that it’s very important to take a deep breath, stay human, and just acknowledge this moment with your team. Recognize that this is likely the hardest crisis many people have had to confront in their lifetime. People are going through a lot at home and with their families — so be sure to create the safe space people need to do the best that they can. Once you do that, many teams are realizing that there are actually opportunities during a crisis — we’ll talk about that more in a second.

                                      2. Adapt expectations of how people work and don’t be afraid to throw out current models

                                      This is a situation that actually encourages quick and nimble thinking because companies and security teams alike need to rethink how they can do business in this new world. We have some uncertainty as to how long we’re all going to operate in this manner, and we may even find that there are some efficiencies for companies to continue operating this way. Can employees shift to more flexible hours to manage their work and life? Does this mean that you might actually have more coverage on a weekend or evening shift? Embrace the opportunity to evaluate existing norms and maybe it will actually create a better situation for people to get work done.

                                      3. Get back to first principles 

                                      Remember, your core tenets keep you safe. In all of this change and uncertainty, coupled with the need to make fast moves, it’s important to remember that chaos and confusion aid the mission of bad actors trying to take advantage of this situation too. And with all of the potential exposures and gaps you may discover with your legacy security stack, recognizing and reducing complexity goes a long way, so be sure you’re staying true to the fundamentals of your security strategy within your architecture. With a highly remote workforce and a co-mingling of work and life at an extreme, domain separation becomes an interesting first principle to revisit. Do employees also have a personal Microsoft Teams account? Are kids accessing Google Classroom from a corporate asset? Getting back to first principles can help ground your thinking during uncertain times. 

                                      4. Necessity is the mother of all invention

                                      When people, teams, or organizations go through a crisis, priorities become blindingly obvious. Like it or not, a crisis also has a way of cutting through bureaucracy, and can clear a path to get things done. And the reality is that you MUST address specific issues at this time or suffer greater consequences. In that context, here are a few examples of what CISOs are dealing with right now:

                                      VPNs are getting crushed

                                      When testing and deploying legacy VPN solutions, we never intended to have them handle a work from home mandate like we’re experiencing now. CISOs are leaning on security architectures to quickly pivot to solutions in the cloud where there’s plenty of bandwidth, services, and connections you can leverage. 80% of the CISOs I’ve talked to in the last month are looking to modernize their approach to VPN through things like Zero Trust Network Access.   

                                      Moving security to the cloud just went to warp speed

                                      Most modern CISOs are in some state of security transformation and that means moving security to the cloud. Accelerating this is hard and uncomfortable, however, since it involves people and major surgery to the legacy security stack. For those who were already far enough along the transition has been easier, since it’s meant moving up deployments that they might have spaced out more to balance against concurrent projects that are no longer a priority. For others just getting started, it’s meant that they’ve had to hurry up the internal discussions and get really practical about addressing their greatest needs.

                                      Collaboration apps are now mission-critical and under attack

                                      Speaking of greatest needs, in some places the use of tools like Slack and Microsoft Teams have increased exponentially, and the security of those transactions is under the spotlight due to the uncanny timing of bad actors’ desire to exploit situations like this. Nearly every conversation I have with CISOs involves sharing best practices for securing collaboration apps. Of course the ability to cover these tools varies greatly from company to company. Recently after Zoom shared that their daily active users skyrocketed from 10 to 200M in three months and if you’re also seeing this exponential growth, you are also grappling with how your networks and VPNs might handle such a challenge (keen statement of the obvious — they are not!).

                                      I’ll end with a final thought, which is to think about how you want to look back on this time. Without a doubt, things will not be like they were before COVID-19. Even with the return of sporting events, trade shows, getting back to the office, and returning to schools, we will be forever changed. Think about the shape you want your team and security program to be in when we start to turn the corner. Beyond the immediate firefights, will you accelerate out of this or be in the same place you were in before this all started? If you’re like me, you want to come out stronger and more ready for the next time. I’d love to talk with you about how you’re going to do that. Connect with me on LinkedIn if you want to start a conversation. 

                                      author image
                                      Lamont Orange
                                      Lamont Orange has more than 20 years in the information security industry, having previously served as vice president of enterprise security for Charter Communications.
                                      Lamont Orange has more than 20 years in the information security industry, having previously served as vice president of enterprise security for Charter Communications.

                                      ¡Mantente informado!

                                      Suscríbase para recibir lo último del blog de Netskope