The narrative that the COVID-19 pandemic has passed its peak and that it is time for us all to "go back to work" is a popular and oft repeated one but not wholly accurate. We know from transport data that people are not returning to offices in the same numbers as they were pre pandemic. For example, rail commutes are still running at less than half of 2019 levels.
The most erroneous part of the "back to work" story is the assumption that we ever stopped working. We didn't. We simply changed how we work - and specifically how, where and when we access the things we need to be productive. With SaaS and cloud apps and mobile devices, workers no longer need to be in the office to access the tools and data they require. Offices aren't over - we just require them less often. This is the essence of hybrid working.
But with this new mode of working comes challenges. Security teams lose visibility and control over how sensitive data are being handled. Remote access to cloud apps needs to be secure and visible to prevent accidental or malicious data leakage, cyber security attacks and general non-compliance with industry and legislative mandates.
Hybrid Security Challenges
As work has become less formal and more flexible, so have the ways in which we communicate and collaborate. Microsoft 365 and Google Workspace were already the productivity suites of choice for millions of employees around the world, but other software-as-a-service (SaaS) have also boosted remote productivity over the last 18 months. These include Salesforce, Workday, Slack, Box and Dropbox.
It's been great for business continuity and it might even have helped to finish off the idea that people must be in the same room in order to inspire each other and think creatively. But the growth of cloud communication and collaboration also amplifies some of the challenges enterprises face in terms of how sensitive data is handled as it moves freely between the cloud and users, bypassing any perimeter-based security measures.
Now that hybrid working is becoming embedded as the norm in many organisations, employees are changing up the scenery by working from home, in coffee shops, pop-up office spaces and in transit. This is posing a series of challenges which channel partners need to help their customers resolve. When employees are working from multiple locations and using a mix of work issued and personally owned devices, how do enterprises retain full visibility of what employees access and transfer? How can they pick up unusual behaviour which might indicate a threat? How do they protect themselves from data compromise? And how do they do all that without hindering the productivity of employees and giving the impression that they don't trust their staff?
The case for CASB
Channel partners can help their customers to resolve these challenges by positioning Cloud Access Security Brokers (CASBs) as the optimal solution to ensure that collaboration doesn't come at the expense of data security. Unlike the virtual private networks (VPNs) they are replacing — which make little sense at a time when users can access cloud data directly from the internet — CASB solutions are security solutions designed for cloud.
Instead of using multiple tools to secure individual aspects of connectivity infrastructure, CASBs sit between enterprise users and the cloud and provide secure access to cloud apps and prevent data leakage and compromise. In contrast to legacy security tools which are often location specific, CASBs protect enterprise data as it moves between SaaS apps and users.
The market for CASB solutions has been boosted by the pandemic and the embedding of a hybrid working culture in the customer base of resellers. CASBs provide granular visibility and powerful data protection controls so enterprises can feel confident not only that enterprise data is secure, but that they can prove compliance with data protection mandates.
CASB solutions should also provide integrated threat protection against malware alongside behaviour analysis and data loss prevention technologies to mitigate against insider threats or other fileless cyber threats like compromised accounts, which are accounting for a growing proportion of the threats encountered by security teams.
CASBs empower employees to collaborate using the SaaS apps, devices and location of their choosing. They are a powerful addition to channel partner portfolios, enabling partners to add value to enterprises who can see the advantages that hybrid working can bring, but have concerns about the impact on their cybersecurity and compliance.
Find out more about how partnering with Lookout to offer CASB solutions can help you enable secure and efficient hybrid working at your customers' organisations.
This article is funded by Lookout