‘Zero trust’ approach to cyber security required in remote working world

As hybrid working models increasingly appear set to become the norm, IT specialists b4b Group and Fortinet examine how cyber security has never been more important as a result.

The world of work is unrecognisable now compared to just 18 months ago, with unprecedented numbers of people working from home where their job enables them.

For many, it has required a new level of understanding around how to use technology to ensure continued collaboration and that productivity levels are maintained.

It has also meant an exponential rise in demand for services from leading managed IT firm b4b Group and cybersecurity partner Fortinet, to a growing customer base including household names in the private and public sectors across the UK and Ireland.

Thomas O’Hagan, Managing Director, b4b Group explains the nature of that demand has developed over the period.

“If we cast our minds back to the very first lockdown in spring 2020, the initial period of remote working was nothing like what we now consider normal,” he says.

“In the beginning, networks and systems were simply not in place, compounded by the lack of availability of even basic technology such as laptops, so there was a huge amount of work with clients enabling them to operate as close to normal as possible.”

Fortinet adds: “More than 18 months on from those days however, organisations have of course adapted to the new way of working with many moving, either in part or in full, to remote working models on a permanent basis.

“This means instituting software that supports and facilitates remote work, allowing applications to operate seamlessly while also limiting the exposure of confidential data.”

It is that potential exposure of data that has placed a renewed focus on building robust cyber secure solutions into the IT infrastructure of organisations whether to facilitate work in the office or remotely.

The cost of cyber attacks on businesses across the UK every year is around £34 billion, according to research by the CEBR (Centre of Economics and Business Research) and it was revealed last year that thousands of breaches had occurred across 17 UK Government departments between 2019 and 2020

Meanwhile, in the Republic of Ireland, a breach of HSE (Health Service Executive) systems earlier this year saw criminals demanding $20 million, claiming they’d accessed thousands of files containing sensitive patient and other confidential data.

O’Hagan says the costs associated with such breaches are huge “but it’s not just about cash”.

“The damage to your organisation’s reputation, longer-term harm to internal productivity and morale, theft of intellectual property and potential legal consequences must all be considered,” he explains.

“At every level, a zero trust approach to external communications must be taken. If there is any doubt about the source of an email or interaction from outside the organisation, it should be ignored. Leaders within organisations should also be empowered to challenge staff, making sure only known sources are trusted.”

Certainly, the requirement of teams to continue to collaborate with each other and external parties and stakeholders while still working from home can clearly make the sharing of data riskier.

“Office spaces have been organised and structured with technology in mind and that includes making them secure from a cyber point of view,” Fortinet says.

“However, the same, by and large, is not true for our homes or indeed anywhere outside the office where you may wish to work.

“Traditionally, the go to solution would have been putting together a complex system using VPNs (Virtual Private Networks) providing remote logins.

“In this scenario however, you may still be left relying on the devices themselves being well protected.

“Instead, organisations are now establishing Zero Trust Networks that require higher levels of verification to use, such as two-factor verification which many may already be familiar with from signing in to applications like Facebook or Amazon.”

While many businesses are realising the benefits in using Zero Trust Network Access (ZTNA) to connect those working from home, it has advantages beyond that, O’Hagan adds.

“Being able to access corporate networks remotely is not just those working from home.

“It also enables seamless collaboration between teams working across multiple sites, whether in the same company or across numerous locations and departments in large public sector organisations.

“The key is restricting access to data only to those that require access, safeguarding sometimes sensitive, commercial or personal information, while allowing operations to run smoothly. Fail to take a zero-trust approach, and organisations could be left to pay the penalty.”

b4b Group is a leading provider of integrated managed IT and telecommunications services covering all aspects of IT, telecoms and IoT (Internet of Things).

Fortinet is a global leader in cyber security solutions from firewalls to anti-virus software and beyond.

For more information or to discuss how b4b Group and Fortinet may assist your organisation, contact 028 9074 8844 or sales@b4bgroup.ie.